CVE-2026-33223
MEDIUMCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Lifecycle Timeline
3Description
### Background NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. The nats-server offers a `Nats-Request-Info:` message header, providing information about a request. ### Problem Description The NATS message header `Nats-Request-Info:` is supposed to be a guarantee of identity by the NATS server, but the stripping of this header from inbound messages was not fully effective. An attacker with valid credentials for any regular client interface could thus spoof their identity to services which rely upon this header. ### Affected Versions Any version before v2.12.6 or v2.11.15 ### Workarounds None.
Analysis
NATS-server versions prior to v2.12.6 or v2.11.15 contain an authentication bypass vulnerability where the Nats-Request-Info message header, intended to guarantee request identity, is not fully stripped from inbound client messages. An attacker with valid credentials to any regular client interface can spoof their identity to downstream services that rely on this header for authorization decisions, potentially leading to unauthorized access or impersonation. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today