Mageia nats-server Critical Missing Access Controls CVE-2025-30215
mageia
June 24, 2026
Security update
Summary
Description:
nats-server and its dependencies are updated to fix CVE-2025-30215
Missing access controls for JS API in multi-tenancy
References
- https://bugs.mageia.org/show_bug.cgi?id=34184
- https://www.openwall.com/lists/oss-security/2025/04/08/5
- https://www.cve.org/CVERecord?id=CVE-2025-30215
Topics Covered
Resolution
SRPMS
- 9/core/nats-server-2.10.27-1.1.mga9
- 9/core/golang-uber-automaxprocs-1.6.0-1.mga9
- 9/core/golang-github-nats-io-1.41.1-1.mga9
- 9/core/golang-github-nats-io-jwt-2.5.2-1.mga9
- 9/core/golang-github-nats-io-nkeys-0.4.10-1.mga9
- 9/core/golang-github-prashantv-gostub-1.1.0-1.mga9
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Publication date:25 Jun 2026
URL: https://advisories.mageia.org/MGASA-2026-0232.html
Type: security
CVE: CVE-2025-30215
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!