Cesanta Vulnerabilities
Comprehensive security vulnerability database for Cesanta products
2
0
2
0
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2026-2967 | 6.3 | This vulnerability allows an attacker to potentially impersonate a trusted source in communications with the Cesanta Mongoose software, which could lead to unauthorized access or manipulation of data. However, exploiting this flaw is complex and difficult, requiring specific conditions to be met for a successful attack. | cesantamongoose | Exploit Available | about 1 month agoFeb 23, 2026 |
| CVE-2026-2966 | 6.3 | This vulnerability allows an attacker to potentially manipulate DNS requests, which could lead to predictable responses that might be exploited for further attacks. However, successfully exploiting this weakness is complex and requires a high level of skill, making it difficult for most attackers to execute. | cesantamongoose | Exploit Available | about 1 month agoFeb 23, 2026 |
About Cesanta Security
This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting Cesanta products. Our database is updated in real-time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.
Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.