Lucene search
K

1241 matches found

EUVD
EUVD
added 2026/06/30 4:39 p.m.4 views

EUVD-2023-50377

RabbitMQ vulnerable to Denial of Service by publishing large messages over the HTTP API...

4.9CVSS6.2AI score0.01077EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/30 4:15 p.m.8 views

EUVD-2022-52713

RabbitMQ has predictable credential obfuscation seed value used in Shovel and Federation plugins...

7.5CVSS7.1AI score0.00307EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/24 3:19 p.m.5 views

CVE-2026-44393

A flaw was found in OpenStack oslo.messaging. The RabbitMQ driver does not properly verify the hostname of the message broker when establishing a TLS Transport Layer Security connection. An attacker capable of intercepting control-plane network traffic can exploit this vulnerability to impersonat...

7.4CVSS5.8AI score0.0016EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in rabbitMQ-server

Pivotal RabbitMQ versions prior to v3.7.18, as well as RabbitMQ for PCF versions 1.15.x prior to 1.15.13, versions 1.16.x prior to 1.16.6, and versions 1.17.x prior to 1.17.3, contain two components: the virtual host limits page and the federation management UI. These components do not properly...

4.8CVSS6.2AI score0.01165EPSS
Exploits0References2
NVD
NVD
added 2026/06/10 12:16 a.m.11 views

CVE-2026-41714

Applications that configure their broker connection via RabbitConnectionFactoryBean.setUri"amqps://..." without also calling setUseSSLtrue get TLS encryption with no certificate validation and no hostname verification. Affected versions: Spring AMQP 4.0.0 through 4.0.3; 3.2.0 through 3.2.10; 3.1....

4CVSS0.00132EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.14 views

PT-2026-48317

Name of the Vulnerable Software and Affected Versions Spring AMQP versions 4.0.0 through 4.0.3 Spring AMQP versions 3.2.0 through 3.2.10 Spring AMQP versions 3.1.0 through 3.1.15 Spring AMQP versions 2.4.0 through 2.4.17 Description Applications that configure their broker connection using the...

4CVSS5.8AI score0.00132EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.11 views

PT-2026-49833

It was discovered that rabbitmq-c exposed credentials in command-line arguments under certain circumstances. A local attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. CVE-2023-35789 It was discovered that...

5.5CVSS6.7AI score0.00214EPSS
Exploits0References15
OSV
OSV
added 2026/06/08 1:16 p.m.3 views

CLEANSTART-2026-MW09143 Security fixes for CVE-2024-45337, CVE-2026-25680, CVE-2026-25681, CVE-2026-27136, CVE-2026-27145, CVE-2026-33186, CVE-2026-34986, CVE-2026-39821, CVE-2026-42502, CVE-2026-42504, CVE-2026-42506, CVE-2026-42507, ghsa-6v2p-p943-phr9, ghsa-78h2-9frx-2jm8, ghsa-c6gw-w398-hv78, ghsa-f6x5-jh6r-wrfv, ghsa-hcg3-p754-cr77, ghsa-j5w8-q4qc-rx2x, ghsa-qxp5-gw88-xv66, ghsa-v778-237x-gjrc, ghsa-vvgc-356p-c3xw applied in versions: 1.15.0-r1, 1.19.0-r0, 1.19.1-r0, 1.19.2-r0

Multiple security vulnerabilities affect the rabbitmq-messaging-topology-operator package. These issues are resolved in later releases. See references for individual vulnerability details...

9.6CVSS6.8AI score0.03153EPSS
Exploits3References34
OSV
OSV
added 2026/06/08 12:43 p.m.8 views

CLEANSTART-2026-GY66569 Security fixes for CVE-2024-45337, CVE-2026-25679, CVE-2026-27139, CVE-2026-27140, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32288, CVE-2026-32289, CVE-2026-33811, CVE-2026-33814, CVE-2026-34986, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-6v2p-p943-phr9, ghsa-c6gw-w398-hv78, ghsa-f6x5-jh6r-wrfv, ghsa-hcg3-p754-cr77, ghsa-j5w8-q4qc-rx2x, ghsa-qxp5-gw88-xv66, ghsa-v778-237x-gjrc, ghsa-vvgc-356p-c3xw applied in versions: 1.15.0-r1, 1.18.3-r0

Multiple security vulnerabilities affect the rabbitmq-messaging-topology-operator package. These issues are resolved in later releases. See references for individual vulnerability details...

9.8CVSS6.7AI score0.03153EPSS
Exploits2References59
OSV
OSV
added 2026/06/08 12:36 p.m.18 views

CLEANSTART-2026-PU75130 Security fixes for CVE-2026-27140, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32288, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-35469, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-pc3f-x583-g7j2 applied in versions: 2.19.2-r0, 2.19.2-r1, 2.19.2-r2, 2.19.2-r3

Multiple security vulnerabilities affect the rabbitmq-cluster-operator package. These issues are resolved in later releases. See references for individual vulnerability details...

9CVSS7.3AI score0.00813EPSS
Exploits0References42
RedhatCVE
RedhatCVE
added 2026/06/06 6:43 p.m.12 views

CVE-2026-44839

A flaw was found in RabbitMQ, a messaging and streaming broker. Unsanitized virtual host names allow for XSS in the the management UI pages that list virtual hosts if the attacker manages to find a way to force a virtual host to restart. This vulnerability requires high privileges and user...

5.6CVSS5.8AI score0.0018EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/06/06 2:46 a.m.10 views

SUSE CVE-2026-44393

An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0. The oslo.messaging RabbitMQ driver does not perform TLS hostname verification when connecting to the message broker. When sslcafile is configured, the driver enables certificate chain validation but does not pass the expect...

7.4CVSS5.4AI score0.0016EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:23 p.m.9 views

CVE-2026-25112

A high-severity vulnerability in the deployment of Genetec RabbitMQ that allows a privilege escalation attack...

7.8CVSS5.5AI score0.00145EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.10 views

CVE-2026-9844

Use of default credentials vulnerability in Roche Diagnostics navify Digital Pathology RabbitMQ Management interface modules allows Default Usernames and Passwords. This issue affects navify Digital Pathology: from 2.0.0 before 2.4.1...

8.8CVSS5.4AI score0.00239EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.12 views

CVE-2026-9133

Active debug code exists in the ARN resolver of amazon-mq rabbitmq-aws before version 0.2.1. A debug ARN scheme arn:aws-debug:file accepted by the PUT /api/aws/arn/validate validation endpoint might allow remote authenticated users to perform arbitrary file reads on any file accessible to the...

8.3CVSS5.8AI score0.00344EPSS
Exploits0References1
CBLMariner
CBLMariner
added 2026/06/05 12:59 p.m.10 views

CVE-2026-43968 affecting package rabbitmq-server for versions less than 3.13.7-5

CVE-2026-43968 affecting package rabbitmq-server for versions less than 3.13.7-5. A patched version of the package is available...

6.3CVSS5.4AI score0.00218EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/06/05 12:59 p.m.9 views

CVE-2026-7790 affecting package rabbitmq-server for versions less than 3.13.7-5

CVE-2026-7790 affecting package rabbitmq-server for versions less than 3.13.7-5. A patched version of the package is available...

8.7CVSS5.4AI score0.00431EPSS
Exploits0
NVD
NVD
added 2026/06/04 4:16 p.m.13 views

CVE-2026-44393

An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0. The oslo.messaging RabbitMQ driver does not perform TLS hostname verification when connecting to the message broker. When sslcafile is configured, the driver enables certificate chain validation but does not pass the expect...

7.4CVSS0.0016EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/04 12:0 a.m.38 views

CVE-2026-44393

An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0. The oslo.messaging RabbitMQ driver does not perform TLS hostname verification when connecting to the message broker. When sslcafile is configured, the driver enables certificate chain validation but does not pass the expect...

0.0016EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.16 views

PT-2026-46260

Name of the Vulnerable Software and Affected Versions oslo.messaging versions 1.0.0 through 17.3.0 Description The RabbitMQ driver in oslo.messaging fails to perform TLS hostname verification when connecting to the message broker. While the driver enables certificate chain validation when ssl ca...

7.4CVSS5.5AI score0.0016EPSS
Exploits0References5
Rows per page
Query Builder