PT-2026-44002 · RabbitMQ · RabbitMQ

Retpoline · Published 2026-05-27 · Updated 2026-06-04 · CVE-2026-44838

CVSS v3.1: 8.1 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions: RabbitMQ versions 4.2.0 through 4.2.3

Description: The MQTT plugin in RabbitMQ allows topic-level authorization using regular expressions with variable substitution. When administrators use patterns like ^{client id}-sensors$ to restrict access, the client id provided by the user in the MQTT CONNECT packet is inserted into the regex pattern without escaping special characters. This allows an authenticated MQTT user to inject regex operators and bypass authorization.

Recommendations: Update to version 4.2.4 or 4.3.0.
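The defect described above is a regex-injection pattern that is easy to reproduce and to regression-test outside the broker. The following Python block is an added illustration written for this page; it is not RabbitMQ's Erlang code and does not reproduce its MQTT plugin. The placeholder name {client_id}, the template, the metacharacter list and all function names are assumptions made for the example. It places the unescaped substitution (the vulnerable shape) beside the escaped substitution (the hardened shape), plus a defence-in-depth check that flags client ids containing regex operators, which is useful either as a reject rule on CONNECT or as a signal when reviewing connection logs on an unpatched broker.

```python
import re

# Constructed illustration of the bug class in this advisory: a per-client
# MQTT topic permission template whose placeholder is replaced by the client id
# taken from the CONNECT packet. The placeholder name {client_id}, the template
# and the function names are assumptions for this example, not RabbitMQ's code.
TEMPLATE = "^{client_id}-sensors$"

# Characters that carry meaning in a regular expression; a client id containing
# any of them changes the pattern if it is substituted without escaping.
_REGEX_META = set(r".^$*+?{}[]\|()")


def compile_unescaped(template: str, client_id: str) -> re.Pattern:
    """Vulnerable variant: the client id is spliced into the pattern verbatim,
    so regex metacharacters inside it are interpreted as operators."""
    return re.compile(template.replace("{client_id}", client_id))


def compile_escaped(template: str, client_id: str) -> re.Pattern:
    """Hardened variant: re.escape() turns every metacharacter in the client
    id into a literal before substitution, so the id can only match itself.
    str.replace() is used deliberately: re.sub() would re-interpret the
    backslashes that re.escape() introduces in the replacement string."""
    return re.compile(template.replace("{client_id}", re.escape(client_id)))


def topic_allowed(pattern: re.Pattern, topic: str) -> bool:
    """Authorization decision: the topic must match the compiled permission."""
    return pattern.search(topic) is not None


def client_id_has_regex_metachars(client_id: str) -> bool:
    """Defence-in-depth and detection check: a client id carrying regex
    operators is suspicious whenever the broker interpolates ids into
    patterns. Usable as a reject rule on CONNECT or as a log-review filter."""
    return any(ch in _REGEX_META for ch in client_id)


def compare(client_id: str, topic: str) -> dict:
    """Return both variants' decisions for one (client id, topic) pair,
    together with the metacharacter flag for that client id."""
    return {
        "unescaped": topic_allowed(compile_unescaped(TEMPLATE, client_id), topic),
        "escaped": topic_allowed(compile_escaped(TEMPLATE, client_id), topic),
        "suspicious_id": client_id_has_regex_metachars(client_id),
    }


if __name__ == "__main__":
    # Constructed sample inputs: a well-behaved client id accessing its own and
    # another client's topic, then an id made of regex operators.
    for cid, topic in [("device42", "device42-sensors"),
                       ("device42", "device7-sensors"),
                       (".*", "device7-sensors")]:
        print(f"client_id={cid!r:12} topic={topic!r:20} -> {compare(cid, topic)}")
```

For the honest client id both variants agree (its own topic is allowed, another client's is denied). For the id built from regex operators the unescaped variant allows a topic belonging to a different client, which is the authorization bypass the advisory describes, while the escaped variant only ever matches that id's literal characters. On a broker that cannot yet be updated to 4.2.4 or 4.3.0, restricting accepted client ids to a conservative allowlist such as letters, digits, hyphen and underscore removes the metacharacters this bug depends on.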

Tags: Fix · DoS · Incorrect Authorization

Related Identifiers: BIT-RABBITMQ-2026-44838, CVE-2026-44838

Affected Products: RabbitMQ