{"id":"CVE-2025-65502","details":"Null pointer dereference in add_ca_certs() in Cesanta Mongoose before 7.2 allows remote attackers to cause a denial of service via TLS initialization where SSL_CTX_get_cert_store() returns NULL.","modified":"2026-03-13T03:41:31.418300Z","published":"2025-11-24T14:15:48.100Z","references":[{"type":"REPORT","url":"https://github.com/cesanta/mongoose/issues/3306"},{"type":"FIX","url":"https://github.com/cesanta/mongoose/pull/3307"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/cesanta/mongoose","events":[{"introduced":"0"},{"fixed":"452bcc68a4c5fecce2ca6ad5c9b60beca9b0214f"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"7.2"}]}}],"versions":["3.2","3.3","3.4","3.5","3.6","3.7","3.8","4.0","4.1","5.0","5.1","5.2","5.3","5.4","5.5","5.5_20140120","5.6","6.0","6.1","6.10","6.11","6.12","6.13","6.14","6.15","6.16","6.17","6.18","6.2","6.3","6.4","6.5","6.6","6.7","6.8","6.9","7.0","7.1"],"database_specific":{"vanir_signatures":[{"digest":{"threshold":0.9,"line_hashes":["81101173494962791664314093816730485003","17561331730311471187096575611295949743","168208850472217345959817839290500139439","61425641275395339594192646831569603171"]},"source":"https://github.com/cesanta/mongoose/commit/452bcc68a4c5fecce2ca6ad5c9b60beca9b0214f","id":"CVE-2025-65502-cffe2bf2","signature_type":"Line","signature_version":"v1","target":{"file":"mongoose.h"},"deprecated":false},{"digest":{"threshold":0.9,"line_hashes":["81101173494962791664314093816730485003","17561331730311471187096575611295949743","168208850472217345959817839290500139439","61425641275395339594192646831569603171"]},"source":"https://github.com/cesanta/mongoose/commit/452bcc68a4c5fecce2ca6ad5c9b60beca9b0214f","id":"CVE-2025-65502-d3cb1e44","signature_type":"Line","signature_version":"v1","target":{"file":"src/mqtt.h"},"deprecated":false}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-65502.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}]}