CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

152 matches found

UbuntuCve•added 2026/03/24 9:16 a.m.•5 views

CVE-2026-4649

Apache Artemis before version 2.52.0 is affected by an authentication bypass flaw which allows reading all messages exchanged via the broker and injection of new message CVE-2026-27446 https://www.cve.org/CVERecord . Since KNIME Business Hub uses Apache Artemis it is also affected by the issue...

5.3CVSS5.9AI score0.00085EPSS

Exploits0References2

ATTACKERKB•added 2026/03/24 8:15 a.m.•6 views

CVE-2026-4649

9.8CVSS5.9AI score0.00156EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2026/03/24 8:15 a.m.•4 views

CVE-2026-4649 Auth bypass in Apache Artemis allows reading all internal messages

5.3CVSS5.9AI score0.00085EPSS

Exploits0References1

NVD•added 2026/03/10 6:18 p.m.•2 views

CVE-2026-30968

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, the SSE endpoint /sse/v1/... in Coral Server did not strongly validate that a connecting agent was a legitimate participant in the session. Th...

9.8CVSS0.00065EPSS

Exploits0References2

RedHat Linux•added 2026/03/06 6:15 a.m.•1 views

org.apache.artemis:artemis-server: org.apache.activemq:artemis-server: Apache Artemis, Apache ActiveMQ Artemis: Message injection and exfiltration due to missing authentication

A flaw was found in Apache Artemis and Apache ActiveMQ Artemis. An unauthenticated remote attacker can exploit a missing authentication for critical function vulnerability by using the Core protocol. This allows the attacker to force a target broker to establish an outbound Core federation...

9.8CVSS5.9AI score0.00156EPSS

Exploits1References5

Tenable Nessus•added 2026/03/06 12:0 a.m.•4 views

Apache Artemis 2.11.0 < 2.45.0 / 2.50.0 < 2.52.0 Missing Authentication (CVE-2026-27446)

The version of Apache Artemis formerly Apache ActiveMQ Artemis installed on the remote host is affected by a vulnerability: - Missing Authentication for Critical Function vulnerability. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound...

9.8CVSS5.9AI score0.00156EPSS

Exploits1References2

OSV•added 2026/03/05 10:16 p.m.•2 views

CVE-2026-29613

OpenClaw versions prior to 2026.2.12 contain a vulnerability in the BlueBubbles optional plugin webhook handler in which it authenticates requests based solely on loopback remoteAddress without validating forwarding headers, allowing bypass of configured webhook passwords. When the gateway operat...

5.9CVSS6AI score

Exploits0References4

NVD•added 2026/03/05 10:16 p.m.•4 views

CVE-2026-29613

8.2CVSS0.00047EPSS

Exploits0References4

CVE•added 2026/03/05 10:0 p.m.•14 views

CVE-2026-29613

OpenClaw is affected in versions prior to 2026.2.12, where the BlueBubbles optional plugin webhook handler authenticates requests only by loopback remoteAddress and does not validate forwarding headers. This allows an unauthenticated attacker, especially when behind a reverse proxy, to reach the ...

8.2CVSS6.1AI score0.00047EPSS

Exploits0References4Affected Software1

RedHat Linux•added 2026/03/05 9:59 p.m.•3 views

org.apache.artemis:artemis-server: org.apache.activemq:artemis-server: Apache Artemis, Apache ActiveMQ Artemis: Message injection and exfiltration due to missing authentication

9.8CVSS5.9AI score0.00156EPSS

Exploits1References5

EUVD•added 2026/03/04 9:31 a.m.•3 views

EUVD-2026-9382

Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This cou...

9.3CVSS6AI score0.00156EPSS

Exploits1References2

OSV•added 2026/03/04 9:31 a.m.•2 views

GHSA-FW88-PF9M-P947 Apache Artemis and Apache ActiveMQ Artemis are Missing Authentication for Critical Functions

9.8CVSS5.9AI score0.00156EPSS

Exploits1References6

OSV•added 2026/03/04 9:15 a.m.•2 views

CVE-2026-27446

9.8CVSS5.9AI score

Exploits0References3

OSV•added 2026/03/04 9:15 a.m.•2 views

UBUNTU-CVE-2026-27446

9.8CVSS7.3AI score0.00156EPSS

Exploits1References3

UbuntuCve•added 2026/03/04 9:15 a.m.•2 views

CVE-2026-27446

9.8CVSS7.3AI score0.00156EPSS

Exploits1References2

Vulnrichment•added 2026/03/04 8:48 a.m.•1 views

CVE-2026-27446 Apache Artemis, Apache ActiveMQ Artemis: Auth bypass for Core downstream federation

9.3CVSS5.9AI score0.00156EPSS

Exploits1References1

ATTACKERKB•added 2026/03/04 8:48 a.m.•2 views

CVE-2026-27446

9.8CVSS5.9AI score0.00156EPSS

Exploits1References2Affected Software2

Cvelist•added 2026/03/04 8:48 a.m.•36 views

CVE-2026-27446 Apache Artemis, Apache ActiveMQ Artemis: Auth bypass for Core downstream federation

9.3CVSS0.00156EPSS

Exploits1References1

CVE•added 2026/03/04 8:48 a.m.•51 views

CVE-2026-27446

CVE-2026-27446 affects Apache Artemis and Apache ActiveMQ Artemis. The vulnerability enables an unauthenticated remote attacker to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker, potentially allowing message injection into any queu...

9.8CVSS5.9AI score0.00156EPSS

Exploits1References4Affected Software2

CNNVD•added 2026/03/04 12:0 a.m.•4 views

Apache ActiveMQ Artemis和Apache Artemis 安全漏洞

Apache ActiveMQ Artemis and Apache Artemis are both products of the Apache Foundation in the United States. Apache ActiveMQ Artemis is a high-performance open-source message broker. Apache Artemis is a message broker software. Versions 2.50.0 to 2.51.0 of Apache Artemis, as well as versions 2.11....

9.8CVSS7.4AI score0.00156EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by