You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
leafnodes compression
About this tag
The leafnodes compression tag on WindowsForum.com covers a critical security vulnerability in NATS Server, specifically CVE-2026-29785. This bug allows a malicious remote NATS server to cause a pre-authentication panic by abusing compression during leafnode negotiation, leading to a denial of service. The issue affects NATS Server versions before v2.11.14 and v2.12.5. Users are advised to upgrade or disable compression on the leafnode port as a temporary mitigation. Discussions focus on the technical details of the vulnerability, its impact on server availability, and recommended fixes.
NATS Server has disclosed a serious availability bug in its leafnode handling, tracked as CVE-2026-29785. According to the project’s own advisory, a malicious remote NATS server can trigger a pre-authentication panic by abusing compression during leafnode negotiation, taking down the impacted...