Tag: NATS

Problems related to NATS, such as authorization failures, message loss, or configuration issues

| ID | Title | Description | Category | Technology | Tags |
| --- | --- | --- | --- | --- | --- |
| CRE-2025-0045, Medium, Impact: 4/10, Mitigation: 4/10 | NATS Authorization Failure Detected | The NATS server has emitted an **Authorization Violation** log entry, meaning a client attempted to connect, publish, subscribe, or perform another operation for which it lacks permission. Intermittent violations often point to misconfiguration or start-up chaos. However, sustained or widespread violations can signal credential expiry or missing secrets. | Authorization Problems | nats | NATS, Security, Authorization, Public |
| CRE-2025-0046, Medium, Impact: 4/10, Mitigation: 4/10 | NATS Permissions Violation Detected | The NATS server has emitted a **Permission Violation** log entry, meaning a client attempted to publish or subscribe to a subject for which it lacks permission. | Authorization Problems | nats | NATS, Security, Authorization, Public |
| CRE-2025-0049, Low, Impact: 2/10, Mitigation: 8/10 | NATS Payload Size Too Big | The NATS server is configured to publish messages with payloads that may exceed the recommended maximum of 8 MB (the server’s default hard limit is 1 MB but it can be raised to 64 MB). Large messages put disproportionate pressure on broker memory, network buffers, and client back-pressure mechanisms. This warning signals NATS is at risk of degraded throughput, slow consumers, and forced connection closures intended to protect cluster stability. | Message Queue Problems | nats | NATS, Public |
| CRE-2025-0082, High, Impact: 0/10, Mitigation: 8/10 | NATS JetStream HA failures: monitor goroutine, consumer stalls and unsynced replicas | Detects high-availability failures in NATS JetStream clusters due to: 1. **Monitor goroutine failure** — after node restarts, Raft group fails to elect a leader; 2. **Consumer deadlock** — using DeliverPolicy=LastPerSubject + AckPolicy=Explicit with low MaxAckPending; 3. **Unsynced replicas** — object store replication appears healthy but data is lost or inconsistent between nodes. These issues lead to invisible data loss, stalled consumers, or stream unavailability. | Message Queue Problems | nats | NATS, JetStream, Raft, Ack Deadlock, Unsynced Replica |
| CRE-2025-0088, High, Impact: 9/10, Mitigation: 8/10 | NATS JetStream Storage Exhaustion Detection | Detects NATS JetStream storage exhaustion conditions when streams reach configured storage limits (maximum bytes, maximum messages) causing message storage failures. These patterns indicate insufficient stream storage capacity relative to message production rate, leading to message rejection and potential data loss. | Message Queue Problems | jetstream | NATS, JetStream, Storage Exhaustion, Message Storage Failure, Capacity Exceeded, Data Loss Risk |
| CRE-2025-0095, High, Impact: 9/10, Mitigation: 7/10 | NATS Connection Exhaustion: Maximum Connections Exceeded | Detects NATS server connection exhaustion where the configured maximum connection limit is exceeded, preventing new clients from establishing connections. This represents a critical messaging infrastructure failure that can cause cascading outages across distributed systems. | Message Queue Problems | nats | NATS, Connection Exhaustion, Critical Infrastructure |
| CRE-2025-0103, Medium, Impact: 0/10, Mitigation: 0/10 | NATS Connection Failures and Network Partitions | Detects NATS connection failures and network partitions that can impact message delivery and system reliability. | Message Queue Problems | nats | NATS, Connectivity |