2 matches found
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the Core protocol implementation. A malicious broker can force a broker to establish an outbound Core federation connection to it, and use it to inject or exfiltrate messages from the...
CVE-2026-27446
CVE-2026-27446 affects Apache Artemis and Apache ActiveMQ Artemis. The vulnerability enables an unauthenticated remote attacker to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker, potentially allowing message injection into any queu...