mochiMQTT v2.6.3 is vulnerable to Denial of Service (DoS) due to improper resource management. An attacker can exhaust system memory and crash the broker by establishing and maintaining a large number of malicious, long-term publish/subscribe sessions.
https://github.com/mochi-mqtt/server
https://gist.github.com/pengwGit/39760ed5ae03171622ca8215dc0d8c60