diff --git a/include/mqtt.h b/include/mqtt.h index b60f885..496da68 100644 --- a/include/mqtt.h +++ b/include/mqtt.h @@ -11,7 +11,9 @@ * will be called on all PUBLISH notifications from the broker. * * `topicName` and `payload` (and their respective size arguments) indicate the - * topic of the PUBLISH, and the corresponding payload. + * topic of the PUBLISH, and the corresponding payload. Both are only valid + * within the context of the callback and thus passed as a read-only, + * non-capturable capabilities. */ typedef void __cheri_callback (*MQTTPublishCallback)(const char *topicName, size_t topicNameLength, diff --git a/lib/mqtt/mqtt.cc b/lib/mqtt/mqtt.cc index 5738f92..6392680 100644 --- a/lib/mqtt/mqtt.cc +++ b/lib/mqtt/mqtt.cc @@ -468,9 +468,17 @@ namespace "The packet is of type PUBLISH, but topic or payload " "are not set."); - publishCallback(publishInfo->pTopicName, + // The payload and topic are only valid within the + // context of the callback: make them read-only and + // non-capturable. + Capability topic{publishInfo->pTopicName}; + Capability payload{publishInfo->pPayload}; + topic.permissions() &= CHERI::Permission::Load; + payload.permissions() &= CHERI::Permission::Load; + + publishCallback(topic, publishInfo->topicNameLength, - publishInfo->pPayload, + payload, publishInfo->payloadLength); } else if (ackCallback)
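Review bot: The new sentence in the MQTTPublishCallback comment has an article/number mismatch, "passed as a read-only, non-capturable capabilities", and should read `* within the context of the callback and thus passed as read-only, non-capturable capabilities.`. Since this comment is the contract callers of the header will rely on, it would also be worth saying explicitly that the callback must not retain `topicName` or `payload` past its return, rather than leaving that implied by "only valid within the context of the callback". The typedef this comment documents continues past the end of the hunk.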
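Review bot: The two Capability objects built from `publishInfo->pTopicName` and `publishInfo->pPayload` have their permissions narrowed but not their bounds, so they still carry whatever bounds the parent pointers had (presumably the whole received-packet buffer), and the callback can read past `topicNameLength`/`payloadLength` into adjacent packet data even though it is passed those lengths separately. Narrowing the bounds to the lengths the callback is given would make the capability enforce what the comment promises, e.g. `topic.bounds() = publishInfo->topicNameLength;` and `payload.bounds() = publishInfo->payloadLength;` after the permission masks, assuming the project's Capability helper exposes bounds setting as elsewhere in the RTOS. The comment "make them read-only and non-capturable" could then also mention bounded-to-length. The enclosing function starts before and ends after this hunk, so I cannot see how `pTopicName`/`pPayload` were derived.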