Vulners
Lucene search
CVE-2026-34197
🗓️ 07 Apr 2026 07:50:10Reported by apacheType 
cve🔗 web.nvd.nist.gov📰️ 17 Media mentions👁 45 Views🌐 WEB
| Reporter | Title | Published | Views | Family All 88 |
|---|---|---|---|---|
 | Exploit for Improper Input Validation in Apache Activemq | 6 Jun 202612:39 | – | githubexploit |
| Exploit for Improper Input Validation in Apache Activemq | 18 May 202614:36 | – | githubexploit |
| Exploit for Improper Input Validation in Apache Activemq | 8 May 202605:39 | – | githubexploit |
| Exploit for CVE-2026-34197 | 8 Apr 202620:07 | – | githubexploit |
| Exploit for CVE-2026-34197 | 14 Apr 202620:44 | – | githubexploit |
| Exploit for CVE-2026-34197 | 9 Apr 202609:44 | – | githubexploit |
| Exploit for Improper Input Validation in Apache Activemq | 18 May 202603:30 | – | githubexploit |
| Exploit for CVE-2026-34197 | 8 Apr 202609:18 | – | githubexploit |
| Exploit for CVE-2026-34197 | 10 Apr 202601:29 | – | githubexploit |
 | Apache ActiveMQ < 5.19.6 / 6.x < 6.2.5 Multiple Vulnerabilities | 30 Apr 202600:00 | – | nessus |
10
Node
OROROR
[
{
"collectionURL": "https://repo.maven.apache.org/maven2",
"defaultStatus": "unaffected",
"packageName": "org.apache.activemq:activemq-broker",
"product": "Apache ActiveMQ Broker",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "5.19.4",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "6.2.3",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://repo.maven.apache.org/maven2",
"defaultStatus": "unaffected",
"packageName": "org.apache.activemq:activemq-all",
"product": "Apache ActiveMQ All",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "5.19.4",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "6.2.3",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://repo.maven.apache.org/maven2",
"defaultStatus": "unaffected",
"packageName": "org.apache.activemq:apache-activemq",
"product": "Apache ActiveMQ",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "5.19.4",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "6.2.3",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| type | request body | /api/jolokia/ | Jolokia exec call to addNetworkConnector with a VM transport URI carrying brokerConfig to load remote Spring XML (RCE). | CWE-20, CWE-94 |
| mbean | request body | /api/jolokia/ | Jolokia exec call to addNetworkConnector with a VM transport URI carrying brokerConfig to load remote Spring XML (RCE). | CWE-20, CWE-94 |
| operation | request body | /api/jolokia/ | Jolokia exec call to addNetworkConnector with a VM transport URI carrying brokerConfig to load remote Spring XML (RCE). | CWE-20, CWE-94 |
| arguments | request body | /api/jolokia/ | Jolokia exec call to addNetworkConnector with a VM transport URI carrying brokerConfig to load remote Spring XML (RCE). | CWE-20, CWE-94 |
| cmd | path | /admin/.jsp | Webshell file written to /admin/.jsp via Spring XML payload and executable via HTTP parameter cmd (post-exploitation access). | CWE-20, CWE-94 |
10
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
16 Apr 2026 19:59Current
6.6Medium risk
Vulners AI Score6.6
CVSS 3.18.8
EPSS0.83461
SSVC