CVE-2026-45151

Name of the Vulnerable Software and Affected Versions NanoMQ versions prior to 0.24.9

Description NanoMQ is an Edge Messaging Platform. A null pointer dereference can occur in the quic stream recv() function when a substream is in a reopen state. The system completes the Asynchronous I/O (AIO) operation with an error but fails to return before attempting to lock the c->mtx variable.

Recommendations Update to a version later than 0.24.8.