Lucene search
K

38 matches found

F5 Networks
F5 Networks
added 2026/07/01 7:29 a.m.6 views

K000162017: Apache Artemis vulnerability CVE-2026-27446

Security Advisory Description Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an...

9.8CVSS7.2AI score0.10629EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2026/05/18 12:21 p.m.21 views

org.apache.artemis:artemis-server: org.apache.activemq:artemis-server: Apache Artemis, Apache ActiveMQ Artemis: Message injection and exfiltration due to missing authentication

A flaw was found in Apache Artemis and Apache ActiveMQ Artemis. An unauthenticated remote attacker can exploit a missing authentication for critical function vulnerability by using the Core protocol. This allows the attacker to force a target broker to establish an outbound Core federation...

9.8CVSS7.3AI score0.10629EPSS
Exploits1References5
Fedora
Fedora
added 2026/04/28 1:0 a.m.8 views

[SECURITY] Fedora 43 Update: libcoap-4.3.5b-1.fc43

The Constrained Application Protocol CoAP is a specialized web transfer protocol for use with constrained nodes and constrained networks in the Inter net of Things. The protocol is designed for machine-to-machine M2M applications such as smart energy and building automation. libcoap implements a...

9.8CVSS5.2AI score0.00296EPSS
Exploits0
Fedora
Fedora
added 2026/03/07 2:25 a.m.8 views

[SECURITY] Fedora 43 Update: python-asyncmy-0.2.11-2.fc43

asyncmy is a fast asyncio MySQL/MariaDB driver, which reuses most of pymysql and aiomysql but rewrites the core protocol with Cython to speed it up...

9.8CVSS5.8AI score0.00373EPSS
Exploits0
Packet Storm
Packet Storm
added 2026/03/06 12:0 a.m.163 views

📄 Apache Artemis / ActiveMQ Artemis Missing Authentication

Proof of concept exploit for CVE-2026-27446 targeting Apache Artemis versions 2.50.0 through 2.51.0 and Apache ActiveMQ Artemis versions 2.11.0 through 2.44.0...

9.8CVSS5.8AI score0.10629EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-27446

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Co...

9.8CVSS7.8AI score0.10629EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/03/05 9:59 p.m.5 views

org.apache.artemis:artemis-server: org.apache.activemq:artemis-server: Apache Artemis, Apache ActiveMQ Artemis: Message injection and exfiltration due to missing authentication

A flaw was found in Apache Artemis and Apache ActiveMQ Artemis. An unauthenticated remote attacker can exploit a missing authentication for critical function vulnerability by using the Core protocol. This allows the attacker to force a target broker to establish an outbound Core federation...

9.8CVSS5.9AI score0.10629EPSS
Exploits1References5
Snyk
Snyk
added 2026/03/04 9:31 a.m.4 views

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the Core protocol implementation. A malicious broker can force a broker to establish an outbound Core federation connection to it, and use it to inject or exfiltrate messages from the...

9.8CVSS5.8AI score0.10629EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/04 9:31 a.m.5 views

EUVD-2026-9382

Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This cou...

9.3CVSS6AI score0.10629EPSS
Exploits1References2
OSV
OSV
added 2026/03/04 9:31 a.m.5 views

GHSA-FW88-PF9M-P947 Apache Artemis and Apache ActiveMQ Artemis are Missing Authentication for Critical Functions

Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This cou...

9.8CVSS5.9AI score0.10629EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2026/03/04 9:31 a.m.8 views

Apache Artemis and Apache ActiveMQ Artemis are Missing Authentication for Critical Functions

Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This cou...

9.8CVSS6AI score0.10629EPSS
Exploits1References6Affected Software2
NVD
NVD
added 2026/03/04 9:15 a.m.18 views

CVE-2026-27446

Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This cou...

9.8CVSS0.10629EPSS
Exploits1References13
UbuntuCve
UbuntuCve
added 2026/03/04 9:15 a.m.4 views

CVE-2026-27446

Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This cou...

9.8CVSS7.3AI score0.10629EPSS
Exploits1References2
OSV
OSV
added 2026/03/04 9:15 a.m.5 views

UBUNTU-CVE-2026-27446

Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This cou...

9.8CVSS7.3AI score0.10629EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/04 8:48 a.m.4 views

CVE-2026-27446

Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This cou...

9.8CVSS5.9AI score0.10629EPSS
Exploits1References2Affected Software2
RedhatCVE
RedhatCVE
added 2026/03/04 8:35 a.m.6 views

CVE-2026-27446

A flaw was found in Apache Artemis and Apache ActiveMQ Artemis. An unauthenticated remote attacker can exploit a missing authentication for critical function vulnerability by using the Core protocol. This allows the attacker to force a target broker to establish an outbound Core federation...

9.8CVSS5.8AI score0.10629EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.3 views

PT-2026-22892

Name of the Vulnerable Software and Affected Versions Apache Artemis versions 2.50.0 through 2.51.0 Apache ActiveMQ Artemis versions 2.11.0 through 2.44.0 Description A missing authentication check for a critical function exists in Apache Artemis and Apache ActiveMQ Artemis. An unauthenticated...

9.8CVSS6AI score0.10629EPSS
Exploits1References30
OPENSUSE Linux
OPENSUSE Linux
added 2026/01/25 12:0 a.m.8 views

Security update for rabbitmq-server (moderate)

openSUSE security update: security update for rabbitmq-server ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20082-1 Rating: moderate References: bsc1246091 Cross-References: CVE-2025-30219 CVSS scores: CVE-2025-30219 SUSE : 6.1...

6.1CVSS6.3AI score0.00203EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/12/09 9:1 a.m.3 views

Bluetooth: bcsp: receive data only if registered

...

5.5CVSS7AI score0.00171EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-1999-1067

Malware in sbrugna...

10CVSS6.4AI score0.02622EPSS
Exploits1References3
Rows per page
Query Builder