Lucene search
K

18 matches found

OSV
OSV
added 2026/06/23 5:6 p.m.13 views

ROOT-APP-MAVEN-CVE-2025-66168 CVE-2025-66168 in io.root.org.apache.activemq:activemq-mqtt - Patched by Root

Root has patched CVE-2025-66168 in the io.root.org.apache.activemq:activemq-mqtt package for Root:Maven. Multiple fixed versions available...

8.8CVSS5.8AI score0.0078EPSS
Exploits0
OSV
OSV
added 2026/04/13 5:36 a.m.2 views

BIT-ACTIVEMQ-2026-40046 Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ MQTT: Missing fix for CVE-2025-66168: MQTT control packet remaining length field is not properly validated

Integer Overflow or Wraparound vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ MQTT. The fix for "CVE-2025-66168: MQTT control packet remaining length field is not properly validated" was only applied to 5.19.2 and future 5.19.x releases but was missed for all 6.0.0+...

8.8CVSS5.8AI score0.0078EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2026/04/09 6:31 p.m.8 views

org.apache.activemq:activemq-http (>=6.0.0 <=6.2.3), org.apache.activemq:activemq-karaf (>=6.0.0 <=6.2.3) +4 more potentially affected by CVE-2025-66168 +1 more via org.apache.activemq:activemq-mqtt (>=6.0.0 <=6.2.3)

org.apache.activemq:activemq-mqtt MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.3 Source cves: CVE-2025-66168, CVE-2026-40046 Source advisory: OSV:GHSA-XVQC-PP94-FMPX...

8.8CVSS6AI score0.0078EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/09 6:31 p.m.9 views

com.espertech:esperio-springjms (=9.0.0), org.apache.activemq.tooling:activemq-maven-plugin (>=6.0.0 <=6.2.3) +5 more potentially affected by CVE-2025-66168 +1 more via org.apache.activemq:activemq-all (>=6.0.0 <=6.2.3)

org.apache.activemq:activemq-all MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.3 Source cves: CVE-2025-66168, CVE-2026-40046 Source advisory: OSV:GHSA-XVQC-PP94-FMPX...

8.8CVSS6AI score0.0078EPSS
Exploits0
OSV
OSV
added 2026/03/20 2:25 p.m.4 views

OESA-2026-1680 activemq security update

The most popular and powerful open source messaging and Integration Patterns server. Security Fixes: A vulnerability classified as problematic has been found in Apache ActiveMQ Application Server Software.CWE is classifying the issue as CWE-190. The product performs a calculation that can produce...

8.8CVSS5.4AI score0.0078EPSS
Exploits0References2
Chainguard
Chainguard
added 2026/03/18 7:17 p.m.6 views

CVE-2025-66168 vulnerabilities

Vulnerabilities for packages: geoserver...

8.8CVSS5.8AI score0.0078EPSS
Exploits0
OSV
OSV
added 2026/03/15 5:56 a.m.5 views

OESA-2026-1608 activemq security update

The most popular and powerful open source messaging and Integration Patterns server. Security Fixes: A vulnerability classified as problematic has been found in Apache ActiveMQ Application Server Software.CWE is classifying the issue as CWE-190. The product performs a calculation that can produce...

8.8CVSS5.4AI score0.0078EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2025-66168

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WARNING: Users of 6.x should upgrade to 6.2.4 or later as the fix was missed in previous 6.x releases. See the following for more details:...

8.8CVSS5.7AI score0.0078EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2026/03/04 9:31 a.m.9 views

com.espertech:esperio-springjms (=9.0.0), org.apache.activemq.tooling:activemq-maven-plugin (>=6.0.0 <=6.2.3) +5 more potentially affected by CVE-2025-66168 +1 more via org.apache.activemq:activemq-all (>=6.0.0 <=6.2.3)

org.apache.activemq:activemq-all MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.3 Source cves: CVE-2025-66168, CVE-2026-40046 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-15426350...

8.8CVSS6AI score0.0078EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/04 9:31 a.m.10 views

org.apache.axis2:axis2-integration (=1.4), org.apache.camel:camel-example-cxf (>=1.2.0 <=1.3.0) +3 more potentially affected by CVE-2025-66168 +1 more via org.apache.activemq:apache-activemq (>=4.1.1 <=5.0.0)

org.apache.activemq:apache-activemq MAVEN version =4.1.1, =1.2.0, =1.1.0, =1.3.0 - org.apache.camel:camel-example-spring =1.2.0 - org.apache.camel:camel-example-spring-xquery =1.3.0 Source cves: CVE-2025-66168, CVE-2026-40046 Source advisory: OSV:GHSA-C825-6PH3-4H84...

8.8CVSS6AI score0.0078EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/04 9:31 a.m.6 views

org.apache.activemq:activemq-http (=6.2.0), org.apache.activemq:activemq-karaf (=6.2.0) +4 more potentially affected by CVE-2025-66168 +1 more via org.apache.activemq:activemq-mqtt (=6.2.0)

org.apache.activemq:activemq-mqtt MAVEN version =6.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.activemq:activemq-mqtt and may be impacted: - org.apache.activemq:activemq-http =6.2.0 - org.apache.activemq:activemq-karaf =6.2.0 -...

8.8CVSS6AI score0.0078EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/04 9:31 a.m.6 views

org.apache.activemq:activemq-http (>=6.0.0 <=6.2.3), org.apache.activemq:activemq-karaf (>=6.0.0 <=6.2.3) +4 more potentially affected by CVE-2025-66168 +1 more via org.apache.activemq:activemq-mqtt (>=6.0.0 <=6.2.3)

org.apache.activemq:activemq-mqtt MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.3 Source cves: CVE-2025-66168, CVE-2026-40046 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-15426349...

8.8CVSS6AI score0.0078EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/04 9:31 a.m.9 views

com.espertech:esperio-springjms (=9.0.0), org.apache.activemq.tooling:activemq-maven-plugin (>=6.0.0 <=6.1.8) +5 more potentially affected by CVE-2025-66168 +1 more via org.apache.activemq:activemq-all (>=6.0.0 <=6.1.8)

org.apache.activemq:activemq-all MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.1.8 Source cves: CVE-2025-66168, CVE-2026-40046 Source advisory: OSV:GHSA-C825-6PH3-4H84...

8.8CVSS6AI score0.0078EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/04 9:31 a.m.6 views

com.cognifide.aet:cleaner (>=2.0.0 <=3.2.2), com.cognifide.aet:communication (>=2.0.0 <=3.2.2) +184 more potentially affected by CVE-2025-66168 +1 more via org.apache.activemq:activemq-mqtt (>=5.10.0 <=5.19.1)

org.apache.activemq:activemq-mqtt MAVEN version =5.10.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.3-rc1, =2.0.0, =3.0.0, =3.0.0, =3.0.0, =1.1.0, =1.2.4.5, =1.2.4.6, =1.2.4.5, =1.2.4.5, =1.2.6.7 and more Source cves: CVE-2025-66168, CVE-2026-40046 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-15426349...

8.8CVSS6AI score0.0078EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/04 9:31 a.m.10 views

be.yildiz-games:module-messaging-activemq (>=1.0.0 <=1.0.1), cn.codeforfun:jfinal-activemq (=0.3) +215 more potentially affected by CVE-2025-66168 +1 more via org.apache.activemq:activemq-all (>=4.1.2 <=5.19.1)

org.apache.activemq:activemq-all MAVEN version =4.1.2, =1.0.0, =6.0.03, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.3-rc1, =2.0.0, =3.0.0, =8.0.0, =2.0.0, =1.0.0, =1.0.1, =1.0.2 and more Source cves: CVE-2025-66168, CVE-2026-40046 Source advisory: OSV:GHSA-C825-6PH3-4H84...

8.8CVSS6AI score0.0078EPSS
Exploits0
NVD
NVD
added 2026/03/04 9:15 a.m.9 views

CVE-2025-66168

WARNING: Users of 6.x should upgrade to 6.2.4 or later as the fix was missed in previous 6.x releases. See the following for more details: https://activemq.apache.org/security-advisories.data/CVE-2026-40046-announcement.txt https://vulners.com/cve/CVE-2026-40046 Original Report: Apache ActiveMQ...

8.8CVSS0.0078EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/04 8:45 a.m.4 views

CVE-2025-66168

Apache ActiveMQ does not properly validate the remaining length field which may lead to an overflow during the decoding of malformed packets. When this integer overflow occurs, ActiveMQ may incorrectly compute the total Remaining Length and subsequently misinterpret the payload as multiple MQTT...

5.4CVSS6AI score0.0078EPSS
Exploits0References2Affected Software3
Circl
Circl
added 2026/03/03 6:20 p.m.4 views

CVE-2025-66168

creationtimestamp| type| source ---|---|--- 2026-03-03 18:20:06+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mg6f2fgybu24 2026-03-06 13:35:05+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mgfgjfuv2e32 2026-03-06...

8.8CVSS4.7AI score0.0078EPSS
Exploits0References9
Rows per page
Query Builder