Lucene search
K

11 matches found

F5 Networks
F5 Networks
added 2 days ago4 views

K000162017: Apache Artemis vulnerability CVE-2026-27446

Security Advisory Description Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an...

9.8CVSS7.2AI score0.10629EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2026/05/18 12:24 p.m.10 views

org.apache.artemis:artemis-server: org.apache.activemq:artemis-server: Apache Artemis, Apache ActiveMQ Artemis: Message injection and exfiltration due to missing authentication

A flaw was found in Apache Artemis and Apache ActiveMQ Artemis. An unauthenticated remote attacker can exploit a missing authentication for critical function vulnerability by using the Core protocol. This allows the attacker to force a target broker to establish an outbound Core federation...

9.8CVSS7.3AI score0.10629EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/05/18 12:21 p.m.21 views

org.apache.artemis:artemis-server: org.apache.activemq:artemis-server: Apache Artemis, Apache ActiveMQ Artemis: Message injection and exfiltration due to missing authentication

A flaw was found in Apache Artemis and Apache ActiveMQ Artemis. An unauthenticated remote attacker can exploit a missing authentication for critical function vulnerability by using the Core protocol. This allows the attacker to force a target broker to establish an outbound Core federation...

9.8CVSS7.3AI score0.10629EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/05/14 4:55 p.m.8 views

org.apache.artemis:artemis-server: org.apache.activemq:artemis-server: Apache Artemis, Apache ActiveMQ Artemis: Message injection and exfiltration due to missing authentication

A flaw was found in Apache Artemis and Apache ActiveMQ Artemis. An unauthenticated remote attacker can exploit a missing authentication for critical function vulnerability by using the Core protocol. This allows the attacker to force a target broker to establish an outbound Core federation...

9.8CVSS7.3AI score0.10629EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.6 views

Apache Artemis 2.11.0 < 2.45.0 / 2.50.0 < 2.52.0 Missing Authentication (CVE-2026-27446)

The version of Apache Artemis formerly Apache ActiveMQ Artemis installed on the remote host is affected by a vulnerability: - Missing Authentication for Critical Function vulnerability. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound...

9.8CVSS5.9AI score0.10629EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/04 9:31 a.m.4 views

EUVD-2026-9382

Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This cou...

9.3CVSS6AI score0.10629EPSS
Exploits1References2
OSV
OSV
added 2026/03/04 9:31 a.m.2 views

GHSA-FW88-PF9M-P947 Apache Artemis and Apache ActiveMQ Artemis are Missing Authentication for Critical Functions

Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This cou...

9.8CVSS5.9AI score0.10629EPSS
Exploits1References6
OSV
OSV
added 2026/03/04 9:15 a.m.3 views

CVE-2026-27446

Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This cou...

9.8CVSS5.9AI score
Exploits0References3
NVD
NVD
added 2026/03/04 9:15 a.m.17 views

CVE-2026-27446

Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This cou...

9.8CVSS0.10629EPSS
Exploits1References13
Vulnrichment
Vulnrichment
added 2026/03/04 8:48 a.m.2 views

CVE-2026-27446 Apache Artemis, Apache ActiveMQ Artemis: Auth bypass for Core downstream federation

Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This cou...

9.3CVSS5.9AI score0.10629EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.2 views

PT-2026-22892

Name of the Vulnerable Software and Affected Versions Apache Artemis versions 2.50.0 through 2.51.0 Apache ActiveMQ Artemis versions 2.11.0 through 2.44.0 Description A missing authentication check for a critical function exists in Apache Artemis and Apache ActiveMQ Artemis. An unauthenticated...

9.8CVSS6AI score0.10629EPSS
Exploits1References30
Rows per page
Query Builder