Auth bypass in Nats-io Nats-server

CVE-2026-58254

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.8, message trace destination checks were applied to ordinary client connections but not consistently to messages arr…

Vulnerability class: Broken Access Control

Affected products

Weakness classification (CWE)

References