Home

Description

CloudburstMC Protocol is a protocol library for Minecraft Bedrock Edition. Prior to version 3.0.0.Beta12-20260420.182526-15, CloudburstMC Protocol is partially missing validation for FULL type authentication tokens (Cloudburst/Protocol). This vulnerability impacts publicly accessible software depending on the affected versions of Protocol, specifically the EncryptionUtils methods to validate auth payloads for FULL type tokens. This issue has been patched in version 3.0.0.Beta12-20260420.182526-15.

PUBLISHED Reserved 2026-05-11 | Published 2026-06-02 | Updated 2026-06-02 | Assigner GitHub_M




MEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Problem types

CWE-287: Improper Authentication

Product status

< 3.0.0.Beta12-20260420.182526-15
affected

References

github.com/...otocol/security/advisories/GHSA-g2fr-c75x-4hf9

cve.org (CVE-2026-45289)

nvd.nist.gov (CVE-2026-45289)

Download JSON