2 matches found
CVE-2026-57217 RabbitMQ: Topic authorization can lead to cross-tenant routing-key bypass
RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.21, 4.1.11, and 4.2.6, RabbitMQ topic authorization can allow restricted topic writes and binds during metadata-store failures because topic-permission lookup errors from Khepri can collapse to undefined, which the internal backe...
PT-2026-57301
Name of the Vulnerable Software and Affected Versions RabbitMQ versions prior to 3.13.15 RabbitMQ versions prior to 4.0.20 RabbitMQ versions prior to 4.1.11 RabbitMQ versions prior to 4.2.6 Description Authentication for AMQP 0-9-1, AMQP 1.0, and Stream Protocol allows a loopback-restricted user,...