Description
NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.0, 2.12.7, and 2.11.16, an authenticated user with subscription deny permissions could bypass a plain subject deny rule by using a queue subscription, because queue-specific deny evaluation could override the plain subject deny result when the queue name itself was not denied. This issue is fixed in versions 2.14.0, 2.12.7, and 2.11.16.
References (7)
Core 7
Core References
X_Refsource_Misc x_refsource_misc
https://github.com/nats-io/nats-server/releases/tag/v2.12.7
X_Refsource_Misc x_refsource_misc
https://github.com/nats-io/nats-server/releases/tag/v2.14.0
X_Refsource_Confirm x_refsource_confirm
https://github.com/nats-io/nats-server/security/advisories/GHSA-jx8g-9g95-6322
X_Refsource_Misc x_refsource_misc
https://github.com/nats-io/nats-server/commit/013586288078def45a6788096924eb4d150db65c
X_Refsource_Misc x_refsource_misc
https://github.com/nats-io/nats-server/commit/79c2f6e9ff87f594596337b6427dda85c38d1fe1
X_Refsource_Misc x_refsource_misc
https://github.com/nats-io/nats-server/commit/b9ffb63b85e7db3d25a13b2e234f5f7f7c13164d
X_Refsource_Misc x_refsource_misc
https://github.com/nats-io/nats-server/releases/tag/v2.11.16
Scores
CVSS v3
6.5
EPSS
0.0049
EPSS Percentile
38.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-285
Status
published
Products (3)
linuxfoundation/nats-server
< 2.11.16
nats-io/nats-server
< 2.11.16
nats-io/nats-server
>= 2.12.0-RC.1, < 2.12.7
Published
Jul 08, 2026
Tracked Since
Jul 09, 2026