A flaw was found in Rubygem MQTT. By default, the package used to not have hostname validation, resulting in possible Man-in-the-Middle (MITM) attack.
{
"cna_assigner": "redhat",
"cwe_ids": [
"CWE-29"
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/12xxx/CVE-2025-12790.json"
}