CVE-2018-3778

CVE-2018-3778

Vendor Hackerone

Product aedes

Weakness CWE-285

Published August 8, 2018

Last update September 16, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Improper authorization in aedes version <0.35.0 will publish a LWT in a channel when a client is not authorized.

Key dates

02Disclosure timeline

August 8, 2018 CVE published

September 16, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2018-3778

Related vulnerabilities

04Related CVE

CVE-2025-4136 Weitong Mall Sale Endpoint improper authorization CVE-2026-33146 Docmost's Public Share Search Exposes Metadata of Restricted Children CVE-2025-3536 Tutorials-Website Employee Management System delete-user.php improper authorization CVE-2025-15123 JeecgBoot datarule improper authorization CVE-2023-28325