39 matches found
Exploit for Improper Input Validation in Apache Activemq
CVE-2026-34197 - Apache ActiveMQ RCE via Jolokia 1. Overvi...
Weekly Metasploit Update: Apache ActiveMQ RCE, Gogs Rebase RCE, and Windows Kernel Pointer Enum
When Open Source is a bit too Open Several fun modules landed this week, including an Apache RCE, Windows Kernel pointer collection, and Gogs RCE via naming. Leading off is Gogs' RCE that allows an attacker to execute commands by naming their branch --exec and requesting a rebase. Another useful...
ROOT-APP-MAVEN-CVE-2026-34197 CVE-2026-34197 in io.root.org.apache.activemq:activemq-broker - Patched by Root
Root has patched CVE-2026-34197 in the io.root.org.apache.activemq:activemq-broker package for Root:Maven. Multiple fixed versions available...
at.chrl:chrl-jms (=1.1.0), at.researchstudio.sat:won-core (>=0.2 <=0.9) +1035 more potentially affected by CVE-2026-34197 +1 more via org.apache.activemq:activemq-broker (>=5.10.0 <=5.19.6)
org.apache.activemq:activemq-broker MAVEN version =5.10.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.6 - at.researchstudio.sat:won-owner =0.3 - at.researchstudio.sat:won-owner-webapp =0.3 and more Source cves: CVE-2026-34197, CVE-2026-45505 Source advisory:...
be.yildiz-games:module-messaging-activemq (=2.0.0), com.codbex.atlas:codbex-atlas-application (>=1.1.0 <=2.108.0) +138 more potentially affected by CVE-2026-34197 +1 more via org.apache.activemq:activemq-broker (>=6.0.0 <=6.2.5)
org.apache.activemq:activemq-broker MAVEN version =6.0.0, =1.1.0, =2.55.0, =1.0.5, =1.1.0, =1.1.0, =1.1.0, =0.2.0, =1.1.0, =1.0.1, =0.2.2, =0.2.3 and more Source cves: CVE-2026-34197, CVE-2026-45505 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-17151885...
com.espertech:esperio-springjms (=9.0.0), io.fabric8.examples:fabric-activemq-demo (>=1.1.0.Beta1 <=1.2.0.redhat-133) +21 more potentially affected by CVE-2026-34197 +1 more via org.apache.activemq:activemq-all (>=6.0.0 <=6.2.5)
org.apache.activemq:activemq-all MAVEN version =6.0.0, =1.1.0.Beta1, =1.1.0.Beta1, =1.1.0.Beta1, =4.2.9.hyte-4296, =4.2.9.hyte-4296, =4.2.9.hyte-4296, =4.2.9.hyte-4296, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.5 and more Source cves: CVE-2026-34197, CVE-2026-45505 Source advisory:...
Exploit for Improper Input Validation in Apache Activemq
CVE-2026-34197 ActiveMQ Classic Security Detection Tool This...
VulnCheck KEV: CVE-2026-40466
Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. An authenticated attacker may bypass the fix in CVE-2026-34197 by adding a connector using an HTTP Discovery transport...
Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in activemq-all (CVE-2026-34197)
Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-34197 reported for activemq-all-5.19.0.jar. Vulnerability Details CVEID:CVE-2026-34197 DESCRIPTION: Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broke...
com.espertech:esperio-springjms (=9.0.0), org.apache.activemq.tooling:activemq-maven-plugin (>=6.0.0 <=6.2.3) +5 more potentially affected by CVE-2026-34197 +1 more via org.apache.activemq:activemq-all (>=6.0.0 <=6.2.3)
org.apache.activemq:activemq-all MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.3 Source cves: CVE-2026-34197, CVE-2026-40466 Source advisory: OSV:GHSA-W3W2-MPP5-92GM...
be.yildiz-games:module-messaging-activemq (>=1.0.0 <=1.0.1), cn.codeforfun:jfinal-activemq (=0.3) +215 more potentially affected by CVE-2026-34197 +1 more via org.apache.activemq:activemq-all (>=4.1.2 <=5.19.5)
org.apache.activemq:activemq-all MAVEN version =4.1.2, =1.0.0, =6.0.03, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.3-rc1, =2.0.0, =3.0.0, =8.0.0, =2.0.0, =1.0.0, =1.0.1, =1.0.2 and more Source cves: CVE-2026-34197, CVE-2026-40466 Source advisory: OSV:GHSA-W3W2-MPP5-92GM...
be.yildiz-games:module-messaging-activemq (=2.0.0), com.codbex.atlas:codbex-atlas-application (>=1.1.0 <=2.108.0) +102 more potentially affected by CVE-2026-34197 +1 more via org.apache.activemq:activemq-broker (>=6.0.0 <=6.2.4)
org.apache.activemq:activemq-broker MAVEN version =6.0.0, =1.1.0, =2.55.0, =1.0.5, =1.1.0, =1.1.0, =1.1.0, =0.2.0, =1.1.0, =0.2.2, =1.4.0, =2.2.0 and more Source cves: CVE-2026-34197, CVE-2026-40466 Source advisory: OSV:GHSA-W3W2-MPP5-92GM...
org.apache.axis2:axis2-integration (=1.4), org.apache.camel:camel-example-cxf (>=1.2.0 <=1.3.0) +3 more potentially affected by CVE-2026-34197 +1 more via org.apache.activemq:apache-activemq (>=4.1.1 <=5.0.0)
org.apache.activemq:apache-activemq MAVEN version =4.1.1, =1.2.0, =1.1.0, =1.3.0 - org.apache.camel:camel-example-spring =1.2.0 - org.apache.camel:camel-example-spring-xquery =1.3.0 Source cves: CVE-2026-34197, CVE-2026-40466 Source advisory: OSV:GHSA-W3W2-MPP5-92GM...
CVE-2026-40466 Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Possible bypass of CVE-2026-34197 via HTTP discovery second-stage URI
Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. An authenticated attacker may bypass the fix in CVE-2026-34197 by adding a connector using an HTTP Discovery transport...
CVE-2026-34197 vulnerabilities
Vulnerabilities for packages: apache-activemq-fips, geoserver, apache-activemq...
ROOT-OS-DEBIAN-12-CVE-2026-34197 CVE-2026-34197 in rootio-activemq - Patched by Root
Root has patched CVE-2026-34197 in the rootio-activemq package for Root:Debian:12. Multiple fixed versions available...
Exploit for CVE-2026-34197
CVE-2026-34197 — Apache ActiveMQ Classic RCE via Jolokia API...
Apache ActiveMQ < 5.19.4 / 6.x < 6.2.3 Improper Input Validation Code Injection
The version of Apache ActiveMQ running on the remote host is prior to 5.19.4 or 6.x prior to 6.2.3. It is, therefore, affected by an improper input validation and code injection vulnerability: - ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ with a default access policy tha...
Exploit for CVE-2026-34197
Fixed the issue...
Exploit for CVE-2026-34197
CVE-2026-34197 CVE-2026-34197 activemq PoC PoC for the Activ...