Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    6415 vulnerabilities by Apache

    CVE-2025-53648 (GCVE-0-2025-53648)

    Vulnerability from nvd – Published: 2026-06-30 13:36 – Updated: 2026-06-30 17:35
    VLAI
    Title
    Apache Gravitino: SQL misconfiguration can access or truncate files
    Summary
    SQL misconfiguration in the Gravitino UI, in versions 1.0.0 and below, can allow a malicious user to read or truncate files. Users are recommended to upgrade to version 1.0.0, which fixes this issue.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache Gravitino Affected: 0.5.0 , < 1.0.0 (semver)
    Create a notification for this product.
    Credits
    A1kaid@ThreatBook VulTeam Le1a@ThreatBook VulTeam
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-53648",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T14:22:11.651013Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T14:22:18.393Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-30T17:35:41.726Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/30/2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.gravitino:catalog-jdbc-common",
              "product": "Apache Gravitino",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "1.0.0",
                  "status": "affected",
                  "version": "0.5.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "A1kaid@ThreatBook VulTeam"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Le1a@ThreatBook VulTeam"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003c/p\u003eSQL misconfiguration in the Gravitino UI, in versions 1.0.0 and below, can allow a malicious user to read or truncate files.\u003cbr\u003eUsers are recommended to upgrade to version 1.0.0, which fixes this issue.\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "SQL misconfiguration in the Gravitino UI, in versions 1.0.0 and below, can allow a malicious user to read or truncate files.\nUsers are recommended to upgrade to version 1.0.0, which fixes this issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "low"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T13:36:00.654Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/s0hytcv17z52dwp5dojjjwgrtqtyh2xk"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Apache Gravitino: SQL misconfiguration can access or truncate files",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2025-53648",
        "datePublished": "2026-06-30T13:36:00.654Z",
        "dateReserved": "2025-07-08T05:17:44.991Z",
        "dateUpdated": "2026-06-30T17:35:41.726Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-54475 (GCVE-0-2026-54475)

    Vulnerability from nvd – Published: 2026-06-30 09:48 – Updated: 2026-06-30 14:52
    VLAI
    Title
    Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Temporary destination ownership takeover
    Summary
    Missing Authorization vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic temporary destinations are expected to be isolated to the connection that created them. The isolation can be broken as this is only checked in the client, allowing a different connection to consume from another connection's temporary destination. This issue affects Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7, which fixes the issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache ActiveMQ Broker Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ All Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Credits
    Leon Johnson (github: lokerxx)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-30T11:06:25.154Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/15"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-54475",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T14:52:21.373754Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T14:52:25.352Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-broker",
              "product": "Apache ActiveMQ Broker",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-all",
              "product": "Apache ActiveMQ All",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:apache-activemq",
              "product": "Apache ActiveMQ",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Leon Johnson (github: lokerxx)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eMissing Authorization vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ.\u003c/p\u003eApache ActiveMQ Classic temporary destinations are expected to be isolated to the connection that created them. The isolation can be broken as this is only checked in the client, allowing a\u0026nbsp;different connection to consume from another connection\u0027s temporary\u003cbr\u003edestination.\u003cbr\u003e\u003cp\u003eThis issue affects Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 6.2.7, which fixes the issue.\u003c/p\u003e"
                }
              ],
              "value": "Missing Authorization vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ.\n\nApache ActiveMQ Classic temporary destinations are expected to be isolated to the connection that created them. The isolation can be broken as this is only checked in the client, allowing a\u00a0different connection to consume from another connection\u0027s temporary\ndestination.\nThis issue affects Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7.\n\nUsers are recommended to upgrade to version 6.2.7, which fixes the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "important"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-862",
                  "description": "CWE-862 Missing Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T09:48:28.852Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/85f3q7mkh71y7qwyn6wvgw0bw4jl06ys"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Temporary destination ownership takeover",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-54475",
        "datePublished": "2026-06-30T09:48:28.852Z",
        "dateReserved": "2026-06-15T16:52:41.340Z",
        "dateUpdated": "2026-06-30T14:52:25.352Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-53917 (GCVE-0-2026-53917)

    Vulnerability from nvd – Published: 2026-06-30 09:49 – Updated: 2026-06-30 14:51
    VLAI
    Title
    Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker: Unbounded memory allocation in OpenWire property unmarshalling
    Summary
    Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker. An authenticated user can cause a broker DoS by sending a crafted OpenWire Message with a large encoded size value for the map. OpenWire message property maps are unmarshaled without size validation which can trigger OOM and crash the broker. This issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Client: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-789 - Memory Allocation with Excessive Size Value
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache ActiveMQ Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ All Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ Client Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ Broker Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Credits
    tonghuaroot
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-30T11:06:23.280Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/14"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-53917",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T14:51:28.341266Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T14:51:31.720Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:apache-activemq",
              "product": "Apache ActiveMQ",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-all",
              "product": "Apache ActiveMQ All",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-client",
              "product": "Apache ActiveMQ Client",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-broker",
              "product": "Apache ActiveMQ Broker",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "tonghuaroot"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eMemory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker.\u003c/p\u003eAn authenticated user can cause a broker DoS by sending a crafted OpenWire Message with a large encoded size value for the map. \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eOpenWire message property maps are unmarshaled without size validation\u003c/span\u003e\u0026nbsp;which can trigger OOM and crash the broker.\u003cbr\u003e\u003cp\u003eThis issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Client: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.\u003c/p\u003e"
                }
              ],
              "value": "Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker.\n\nAn authenticated user can cause a broker DoS by sending a crafted OpenWire Message with a large encoded size value for the map. OpenWire message property maps are unmarshaled without size validation\u00a0which can trigger OOM and crash the broker.\nThis issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Client: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7.\n\nUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "important"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-789",
                  "description": "CWE-789 Memory Allocation with Excessive Size Value",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T09:49:17.388Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/grrd1mwgkgblqjbwkkq6dvmdxd9ov2dx"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker: Unbounded memory allocation in OpenWire property unmarshalling",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-53917",
        "datePublished": "2026-06-30T09:49:17.388Z",
        "dateReserved": "2026-06-11T14:45:46.575Z",
        "dateUpdated": "2026-06-30T14:51:31.720Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-53916 (GCVE-0-2026-53916)

    Vulnerability from nvd – Published: 2026-06-30 09:49 – Updated: 2026-06-30 15:58
    VLAI
    Title
    Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: Unbounded header buffer in STOMP NIO codec
    Summary
    Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. An unauthenticated client that opens a STOMP NIO connection can send header bytes that never terminate which makes the broker buffer them without limit, exhausting the JVM heap. This issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Stomp: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-789 - Memory Allocation with Excessive Size Value
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache ActiveMQ Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ All Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ Stomp Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Credits
    tonghuaroot
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-30T11:06:21.374Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/13"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-53916",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T15:56:52.538590Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T15:58:46.098Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:apache-activemq",
              "product": "Apache ActiveMQ",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-all",
              "product": "Apache ActiveMQ All",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-stomp",
              "product": "Apache ActiveMQ Stomp",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "tonghuaroot"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eMemory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp.\u003cbr\u003e\u003c/p\u003eAn unauthenticated client that opens a STOMP NIO connection can send header bytes that never terminate which makes the broker buffer them without limit,\u0026nbsp;exhausting\u0026nbsp;the JVM heap. \u003cbr\u003e\u003cp\u003eThis issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Stomp: before 5.19.8, from 6.0.0 before 6.2.7.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.\u003c/p\u003e"
                }
              ],
              "value": "Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp.\n\n\nAn unauthenticated client that opens a STOMP NIO connection can send header bytes that never terminate which makes the broker buffer them without limit,\u00a0exhausting\u00a0the JVM heap. \nThis issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Stomp: before 5.19.8, from 6.0.0 before 6.2.7.\n\nUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "important"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-789",
                  "description": "CWE-789 Memory Allocation with Excessive Size Value",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T09:49:55.655Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/07hjsj88hqgsb7vvg6ttsj56ts9vjs5n"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: Unbounded header buffer in STOMP NIO codec",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-53916",
        "datePublished": "2026-06-30T09:49:55.655Z",
        "dateReserved": "2026-06-11T14:36:08.703Z",
        "dateUpdated": "2026-06-30T15:58:46.098Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-52760 (GCVE-0-2026-52760)

    Vulnerability from nvd – Published: 2026-06-30 09:50 – Updated: 2026-06-30 15:58
    VLAI
    Title
    Apache ActiveMQ, Apache ActiveMQ Web Console: Stored XSS via Unescaped values in ActiveMQ Web Console
    Summary
    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache ActiveMQ, Apache ActiveMQ Web Console. The browse page in the web console renders a message Id directly without sanitization. This allows an authenticated producer to send a message with a JMS message ID that has been crafted to contain HTML/JavaScript such that when an administrator browses the queue in the Web Console, the payload executes in their browser. This issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Web Console: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache ActiveMQ Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ Web Console Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Credits
    Biswajeet Ray
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-30T11:06:19.413Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/12"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.1,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "CHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-52760",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T15:56:07.090596Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T15:58:39.098Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:apache-activemq",
              "product": "Apache ActiveMQ",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:apache-web-console",
              "product": "Apache ActiveMQ Web Console",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Biswajeet Ray"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eImproper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Apache ActiveMQ, Apache ActiveMQ Web Console.\u003c/p\u003eThe browse page in the web console renders a message Id directly without sanitization. This allows an authenticated producer to send a\u0026nbsp;message with a JMS message ID that has been\u0026nbsp;crafted to contain HTML/JavaScript such that when\u0026nbsp;an administrator browses the queue in the Web Console, the payload executes in their browser.\u003cbr\u003e\u003cp\u003eThis issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Web Console: before 5.19.8, from 6.0.0 before 6.2.7.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.\u003c/p\u003e"
                }
              ],
              "value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Apache ActiveMQ, Apache ActiveMQ Web Console.\n\nThe browse page in the web console renders a message Id directly without sanitization. This allows an authenticated producer to send a\u00a0message with a JMS message ID that has been\u00a0crafted to contain HTML/JavaScript such that when\u00a0an administrator browses the queue in the Web Console, the payload executes in their browser.\nThis issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Web Console: before 5.19.8, from 6.0.0 before 6.2.7.\n\nUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "moderate"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T09:50:30.176Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/d3mhyo2116nomz2lwxppyy4pclvdxq3n"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Apache ActiveMQ, Apache ActiveMQ Web Console: Stored XSS via Unescaped values in ActiveMQ Web Console",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-52760",
        "datePublished": "2026-06-30T09:50:30.176Z",
        "dateReserved": "2026-06-08T15:39:32.251Z",
        "dateUpdated": "2026-06-30T15:58:39.098Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-50750 (GCVE-0-2026-50750)

    Vulnerability from nvd – Published: 2026-06-30 09:51 – Updated: 2026-06-30 13:21
    VLAI
    Title
    Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire DoS following fix for CVE-2026-49270
    Summary
    Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Following the fix for CVE-2026-49270 an unauthenticated attacker can now cause broker OOM by sending an repeated BrokerInfo commands without sending a ConnectionInfo, until the broker will crash with OOM. This issue affects Apache ActiveMQ Broker: from 5.19.7 before 5.19.8, from 6.2.6 before 6.2.7; Apache ActiveMQ: from 5.19.7 before 5.19.8, from 6.2.6 before 6.2.7; Apache ActiveMQ All: from 5.19.7 before 5.19.8, from 6.2.6 before 6.2.7. Users are recommended to upgrade to version 6.2.7, which fixes the issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Denial of Service via Out of Memory
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    References
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache ActiveMQ Broker Affected: 5.19.7 , < 5.19.8 (semver)
    Affected: 6.2.6 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ Affected: 5.19.7 , < 5.19.8 (semver)
    Affected: 6.2.6 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ All Affected: 5.19.7 , < 5.19.8 (semver)
    Affected: 6.2.6 , < 6.2.7 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-50750",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:21:40.113842Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-400",
                    "description": "CWE-400 Uncontrolled Resource Consumption",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:21:45.456Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-broker",
              "product": "Apache ActiveMQ Broker",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "5.19.7",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.2.6",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:apache-activemq",
              "product": "Apache ActiveMQ",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "5.19.7",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.2.6",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-all",
              "product": "Apache ActiveMQ All",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "5.19.7",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.2.6",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eDenial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All.\u003c/p\u003eFollowing the fix for  CVE-2026-49270\u0026nbsp;an unauthenticated attacker can now cause broker OOM by sending an repeated BrokerInfo commands without sending\u0026nbsp;a ConnectionInfo, until the broker will crash with OOM.\u003cbr\u003e\u003cp\u003eThis issue affects Apache ActiveMQ Broker: from 5.19.7 before 5.19.8, from 6.2.6 before 6.2.7; Apache ActiveMQ: from 5.19.7 before 5.19.8, from 6.2.6 before 6.2.7; Apache ActiveMQ All: from 5.19.7 before 5.19.8, from 6.2.6 before 6.2.7.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 6.2.7, which fixes the issue.\u003c/p\u003e"
                }
              ],
              "value": "Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All.\n\nFollowing the fix for  CVE-2026-49270\u00a0an unauthenticated attacker can now cause broker OOM by sending an repeated BrokerInfo commands without sending\u00a0a ConnectionInfo, until the broker will crash with OOM.\nThis issue affects Apache ActiveMQ Broker: from 5.19.7 before 5.19.8, from 6.2.6 before 6.2.7; Apache ActiveMQ: from 5.19.7 before 5.19.8, from 6.2.6 before 6.2.7; Apache ActiveMQ All: from 5.19.7 before 5.19.8, from 6.2.6 before 6.2.7.\n\nUsers are recommended to upgrade to version 6.2.7, which fixes the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "important"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of Service via Out of Memory",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T09:51:57.035Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/nhkmbdym61yp6wwy0dny8w1p46sm87kr"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire DoS following fix for CVE-2026-49270",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-50750",
        "datePublished": "2026-06-30T09:51:57.035Z",
        "dateReserved": "2026-06-06T19:20:20.134Z",
        "dateUpdated": "2026-06-30T13:21:45.456Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-50734 (GCVE-0-2026-50734)

    Vulnerability from nvd – Published: 2026-06-30 09:53 – Updated: 2026-06-30 12:32
    VLAI
    Title
    Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire memory-allocation DoS during wire format negotiation
    Summary
    Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validate and causes the broker to attempt allocation during pre-auth negotiation which can trigger OOM and crash the broker. This issue affects Apache ActiveMQ Client: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-789 - Memory Allocation with Excessive Size Value
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache ActiveMQ Client Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ All Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Credits
    Andrej Tomci
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-30T11:06:17.570Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/10"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-50734",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T12:32:21.060414Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:32:25.918Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-client",
              "product": "Apache ActiveMQ Client",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:apache-activemq",
              "product": "Apache ActiveMQ",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-all",
              "product": "Apache ActiveMQ All",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Andrej Tomci"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eMemory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All.\u003c/p\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validate and causes the broker to attempt allocation during pre-auth negotiation which can trigger OOM and crash the broker.\u003c/span\u003e\u003cbr\u003e\u003cp\u003eThis issue affects Apache ActiveMQ Client: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.\u003c/p\u003e"
                }
              ],
              "value": "Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All.\n\nAn unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validate and causes the broker to attempt allocation during pre-auth negotiation which can trigger OOM and crash the broker.\nThis issue affects Apache ActiveMQ Client: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7.\n\nUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "important"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-789",
                  "description": "CWE-789 Memory Allocation with Excessive Size Value",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T09:53:03.435Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/nxso951fnvf72qf9m475mpz4yf931xk0"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire memory-allocation DoS during wire format negotiation",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-50734",
        "datePublished": "2026-06-30T09:53:03.435Z",
        "dateReserved": "2026-06-05T17:01:29.414Z",
        "dateUpdated": "2026-06-30T12:32:25.918Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-49877 (GCVE-0-2026-49877)

    Vulnerability from nvd – Published: 2026-06-30 09:53 – Updated: 2026-06-30 12:29
    VLAI
    Title
    Apache ActiveMQ: Authenticated web users retain admin access by default in the Web Console
    Summary
    Improper Authorization vulnerability in Apache ActiveMQ. An authenticated low-privilege Web Console user by default can access /admin/* paths in the Web Console. The default Jetty settings incorrectly did not limit those paths to only admins. This issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache ActiveMQ Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Credits
    Leon Johnson (github: lokerxx)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-30T11:06:09.219Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/9"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 8.1,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-49877",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T12:29:08.635332Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:29:12.251Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:apache-activemq",
              "product": "Apache ActiveMQ",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Leon Johnson (github: lokerxx)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eImproper Authorization vulnerability in Apache ActiveMQ.\u003c/p\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn authenticated low-privilege Web Console user by default can access /admin/* paths in the Web Console. The default Jetty settings incorrectly did not limit those paths to only admins.\u003c/span\u003e\u003cbr\u003e\u003cp\u003eThis issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.\u003c/p\u003e"
                }
              ],
              "value": "Improper Authorization vulnerability in Apache ActiveMQ.\n\nAn authenticated low-privilege Web Console user by default can access /admin/* paths in the Web Console. The default Jetty settings incorrectly did not limit those paths to only admins.\nThis issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7.\n\nUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "important"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285 Improper Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T09:53:42.706Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/w82vtc3q02j5ot94tnyy1197y3wb98hl"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Apache ActiveMQ: Authenticated web users retain admin access by default in the Web Console",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-49877",
        "datePublished": "2026-06-30T09:53:42.706Z",
        "dateReserved": "2026-06-02T13:37:55.228Z",
        "dateUpdated": "2026-06-30T12:29:12.251Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-49434 (GCVE-0-2026-49434)

    Vulnerability from nvd – Published: 2026-06-30 09:55 – Updated: 2026-06-30 12:27
    VLAI
    Title
    Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: LdapNetworkConnector instantiates denied transports and a remote-properties broker
    Summary
    Improper Input Validation vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. An attacker that has access to publish or modify entries in LDAP that match the configured searchBase and searchFilter can instantiate denied transports inside the broker JVM. This can be used to fetch an attacker URL and spawn a second BrokerService inside the same JVM. This issue affects Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache ActiveMQ Broker Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ All Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Credits
    @Add Content
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-30T11:06:07.246Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/8"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-49434",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T12:27:23.416553Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:27:49.847Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-broker",
              "product": "Apache ActiveMQ Broker",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:apache-activemq",
              "product": "Apache ActiveMQ",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-all",
              "product": "Apache ActiveMQ All",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "@Add Content"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eImproper Input Validation vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All.\u003c/p\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn attacker that has access to publish or modify entries in LDAP that match the configured \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003esearchBase and searchFilter can instantiate denied transports inside the broker JVM. This can be used to \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003efetch an attacker URL and spawn a \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003esecond BrokerService inside the same JVM.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e\u003cp\u003eThis issue affects Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "Improper Input Validation vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All.\n\nAn attacker that has access to publish or modify entries in LDAP that match the configured searchBase and searchFilter can instantiate denied transports inside the broker JVM. This can be used to fetch an attacker URL and spawn a second BrokerService inside the same JVM.\nThis issue affects Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7.\n\n\nUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "moderate"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T09:55:29.533Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/hcjh7kdk4l85tb9ksmvcnkhso1ngj50o"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: LdapNetworkConnector instantiates denied transports and a remote-properties broker",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-49434",
        "datePublished": "2026-06-30T09:55:29.533Z",
        "dateReserved": "2026-05-29T20:48:53.860Z",
        "dateUpdated": "2026-06-30T12:27:49.847Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-49432 (GCVE-0-2026-49432)

    Vulnerability from nvd – Published: 2026-06-30 09:54 – Updated: 2026-06-30 15:55
    VLAI
    Title
    Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: STOMP negative content-length enables denial of service
    Summary
    Improper Input Validation vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. A remote unauthenticated peer that can reach an exposed STOMP connector can trigger denial-of-service behavior by sending a negative content-length. For the NIO STOMP transport, an attacker can keep streaming body bytes and grow the per-connection command buffer beyond configured limits to cause OOM. For the blocking STOMP protocol, an error will instead force abnormal transport exception handling for the affected connection and closure. This issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Stomp: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache ActiveMQ Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ All Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ Stomp Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Credits
    Youngjoon Kim
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-30T11:06:04.962Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/7"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-49432",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T15:50:46.422715Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T15:55:36.075Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:apache-activemq",
              "product": "Apache ActiveMQ",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-all",
              "product": "Apache ActiveMQ All",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-stomp",
              "product": "Apache ActiveMQ Stomp",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Youngjoon Kim"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eImproper Input Validation vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp.\u003c/p\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA remote unauthenticated peer that can reach an exposed STOMP connector can trigger denial-of-service behavior by sending a negative content-length. For the NIO STOMP transport, an attacker can keep streaming body bytes and grow the per-connection command buffer beyond configured limits to cause OOM. For the blocking STOMP protocol, an error will instead force abnormal transport exception handling for the affected connection and closure.\u003c/span\u003e\u003cbr\u003e\u003cp\u003eThis issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Stomp: before 5.19.8, from 6.0.0 before 6.2.7.\u003cbr\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "Improper Input Validation vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp.\n\nA remote unauthenticated peer that can reach an exposed STOMP connector can trigger denial-of-service behavior by sending a negative content-length. For the NIO STOMP transport, an attacker can keep streaming body bytes and grow the per-connection command buffer beyond configured limits to cause OOM. For the blocking STOMP protocol, an error will instead force abnormal transport exception handling for the affected connection and closure.\nThis issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Stomp: before 5.19.8, from 6.0.0 before 6.2.7.\n\n\n\n\nUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "important"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T09:54:38.991Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/fsjb26605syqr8xks249h8gkp86t55d2"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: STOMP negative content-length enables denial of service",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-49432",
        "datePublished": "2026-06-30T09:54:38.991Z",
        "dateReserved": "2026-05-29T20:35:56.881Z",
        "dateUpdated": "2026-06-30T15:55:36.075Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-55957 (GCVE-0-2026-55957)

    Vulnerability from nvd – Published: 2026-06-29 20:47 – Updated: 2026-06-30 13:27
    VLAI
    Title
    Apache Tomcat: Authentication bypass with JNDIRealm and GSSAPI authenticated bind
    Summary
    Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI allowed attackers to authenticate without provided the correct password. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.4, from 10.1.0-M1 through 10.1.36, from 9.0.0.M1 through 9.0.100, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109. Users are recommended to upgrade to version 11.0.5, 10.1.37 or 9.0.101, which fixes the issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-304 - Missing Critical Step in Authentication
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache Tomcat Affected: 11.0.0-M1 , ≤ 11.0.4 (semver)
    Affected: 10.1.0-M1 , ≤ 10.1.36 (semver)
    Affected: 9.0.0.M1 , ≤ 9.0.100 (semver)
    Affected: 8.5.0 , ≤ 8.5.100 (semver)
    Affected: 7.0.0 , ≤ 7.0.109 (semver)
    Unknown: 0 , < 7.0.0 (semver)
    Create a notification for this product.
    Credits
    Ilan Toyter
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-29T22:24:34.997Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/26"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "LOW",
                  "baseScore": 7.3,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-55957",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:26:38.087999Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:27:37.064Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Apache Tomcat",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.4",
                  "status": "affected",
                  "version": "11.0.0-M1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.1.36",
                  "status": "affected",
                  "version": "10.1.0-M1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "9.0.100",
                  "status": "affected",
                  "version": "9.0.0.M1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.5.100",
                  "status": "affected",
                  "version": "8.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.0.109",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "7.0.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Ilan Toyter"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eMissing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI allowed attackers to authenticate without provided the correct password.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.4, from 10.1.0-M1 through 10.1.36, from 9.0.0.M1 through 9.0.100, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.5, 10.1.37 or 9.0.101, which fixes the issue.\u003c/p\u003e"
                }
              ],
              "value": "Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI allowed attackers to authenticate without provided the correct password.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.4, from 10.1.0-M1 through 10.1.36, from 9.0.0.M1 through 9.0.100, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109.\n\nUsers are recommended to upgrade to version 11.0.5, 10.1.37 or 9.0.101, which fixes the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "important"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-304",
                  "description": "CWE-304 Missing Critical Step in Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-29T20:47:12.661Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/7fk339o5jvd4mcgsf0chbrn4o525ccjh"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Apache Tomcat: Authentication bypass with JNDIRealm and GSSAPI authenticated bind",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-55957",
        "datePublished": "2026-06-29T20:47:12.661Z",
        "dateReserved": "2026-06-17T19:25:28.759Z",
        "dateUpdated": "2026-06-30T13:27:37.064Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-55956 (GCVE-0-2026-55956)

    Vulnerability from nvd – Published: 2026-06-29 20:46 – Updated: 2026-06-30 13:25
    VLAI
    Title
    Apache Tomcat: Security constraints for default servlet ignored method
    Summary
    Improper Authorization vulnerability in Apache Tomcat leads to security constraints specified for the default servlet ignoring any method or method omission configured as part of the constraint. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109. Other versions that have reached end of support may also be affected. Users are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119, which fix the issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache Tomcat Affected: 11.0.0-M1 , ≤ 11.0.22 (semver)
    Affected: 10.1.0-M1 , ≤ 10.1.55 (semver)
    Affected: 9.0.0.M1 , ≤ 9.0.118 (semver)
    Affected: 8.5.0 , ≤ 8.5.100 (semver)
    Affected: 7.0.0 , ≤ 7.0.109 (semver)
    Unknown: 0 , < 7.0.0 (semver)
    Create a notification for this product.
    Credits
    j0hndo (dohyun4466@gmail.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-29T22:24:34.042Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/25"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-55956",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:23:02.427983Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:25:31.049Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Apache Tomcat",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.22",
                  "status": "affected",
                  "version": "11.0.0-M1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.1.55",
                  "status": "affected",
                  "version": "10.1.0-M1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "9.0.118",
                  "status": "affected",
                  "version": "9.0.0.M1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.5.100",
                  "status": "affected",
                  "version": "8.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.0.109",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "7.0.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "j0hndo (dohyun4466@gmail.com)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eImproper Authorization vulnerability in Apache Tomcat leads to security constraints specified for the default servlet ignoring any method or method omission configured as part of the constraint.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109. Other versions that have reached end of support may also be affected.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119, which fix the issue.\u003c/p\u003e"
                }
              ],
              "value": "Improper Authorization vulnerability in Apache Tomcat leads to security constraints specified for the default servlet ignoring any method or method omission configured as part of the constraint.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109. Other versions that have reached end of support may also be affected.\n\nUsers are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119, which fix the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "moderate"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285 Improper Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-29T20:46:02.927Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/dcjdcnnnww9hhdm016hr0l7hpw1bzjfp"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Apache Tomcat: Security constraints for default servlet ignored method",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-55956",
        "datePublished": "2026-06-29T20:46:02.927Z",
        "dateReserved": "2026-06-17T18:36:32.030Z",
        "dateUpdated": "2026-06-30T13:25:31.049Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-55955 (GCVE-0-2026-55955)

    Vulnerability from nvd – Published: 2026-06-29 20:44 – Updated: 2026-06-30 13:22
    VLAI
    Title
    Apache Tomcat: EncryptInterceptor not protected against replay attacks
    Summary
    Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, from 7.0.100 through 7.0.109. Users are recommended to upgrade to version 11.0.23, 10.1.56, 9.0.119, which fixes the issue.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache Tomcat Affected: 11.0.0-M1 , ≤ 11.0.22 (semver)
    Affected: 10.1.0-M1 , ≤ 10.1.55 (semver)
    Affected: 9.0.13 , ≤ 9.0.118 (semver)
    Affected: 8.5.38 , ≤ 8.5.100 (semver)
    Affected: 7.0.100 , ≤ 7.0.109 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-29T22:24:33.117Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/24"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-55955",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:21:53.082121Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:22:14.917Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Apache Tomcat",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.22",
                  "status": "affected",
                  "version": "11.0.0-M1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.1.55",
                  "status": "affected",
                  "version": "10.1.0-M1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "9.0.118",
                  "status": "affected",
                  "version": "9.0.13",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.5.100",
                  "status": "affected",
                  "version": "8.5.38",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.0.109",
                  "status": "affected",
                  "version": "7.0.100",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eImproper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, from 7.0.100 through 7.0.109.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.23, 10.1.56, 9.0.119, which fixes the issue.\u003c/p\u003e"
                }
              ],
              "value": "Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, from 7.0.100 through 7.0.109.\n\nUsers are recommended to upgrade to version 11.0.23, 10.1.56, 9.0.119, which fixes the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "low"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287 Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-29T20:44:39.779Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/g4p5sf45p3f9r011pwqs9r54yd64s106"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Apache Tomcat: EncryptInterceptor not protected against replay attacks",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-55955",
        "datePublished": "2026-06-29T20:44:39.779Z",
        "dateReserved": "2026-06-17T18:04:49.663Z",
        "dateUpdated": "2026-06-30T13:22:14.917Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-55276 (GCVE-0-2026-55276)

    Vulnerability from nvd – Published: 2026-06-29 20:42 – Updated: 2026-06-30 13:59
    VLAI
    Title
    Apache Tomcat: Logged effective web.xml is incomplete
    Summary
    Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100. Other versions that have reached end of support may also be affected. Users are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119 which fixes the issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-670 - Always-Incorrect Control Flow Implementation
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache Tomcat Affected: 11.0.0-M1 , ≤ 11.0.22 (semver)
    Affected: 10.1.0-M1 , ≤ 10.1.55 (semver)
    Affected: 9.0.0.M1 , ≤ 9.0.118 (semver)
    Affected: 8.5.0 , ≤ 8.5.100 (semver)
    Unaffected: 0 , < 8.0.0 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-29T22:24:32.168Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/23"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 9.1,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-55276",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:59:26.729885Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:59:37.872Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Apache Tomcat",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.22",
                  "status": "affected",
                  "version": "11.0.0-M1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.1.55",
                  "status": "affected",
                  "version": "10.1.0-M1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "9.0.118",
                  "status": "affected",
                  "version": "9.0.0.M1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.5.100",
                  "status": "affected",
                  "version": "8.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "8.0.0",
                  "status": "unaffected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAlways-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100.\u0026nbsp;Other versions that have reached end of support may also be affected.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119 which fixes the issue.\u003c/p\u003e"
                }
              ],
              "value": "Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100.\u00a0Other versions that have reached end of support may also be affected.\n\nUsers are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119 which fixes the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "low"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-670",
                  "description": "CWE-670 Always-Incorrect Control Flow Implementation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-29T20:42:23.257Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/jy09xjlzn6r2qwvqoph8vcmf959yq68v"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Apache Tomcat: Logged effective web.xml is incomplete",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-55276",
        "datePublished": "2026-06-29T20:42:23.257Z",
        "dateReserved": "2026-06-16T17:40:51.153Z",
        "dateUpdated": "2026-06-30T13:59:37.872Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-53434 (GCVE-0-2026-53434)

    Vulnerability from nvd – Published: 2026-06-29 20:41 – Updated: 2026-06-30 12:28
    VLAI
    Title
    Apache Tomcat: Invalid CRL configuration doesn't trigger failure for FFM Connector
    Summary
    Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from 9.0.83 through 9.0.118. Users are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119, which fixes the issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-390 - Detection of Error Condition Without Action
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache Tomcat Affected: 11.0.0-M1 , ≤ 11.0.22 (semver)
    Affected: 10.1.0-M7 , ≤ 10.1.55 (semver)
    Affected: 9.0.83 , ≤ 9.0.118 (semver)
    Unaffected: 0 , ≤ 9.0.82 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-29T22:24:26.203Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/22"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 9.1,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-53434",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T12:28:14.286092Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:28:36.391Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Apache Tomcat",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.22",
                  "status": "affected",
                  "version": "11.0.0-M1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.1.55",
                  "status": "affected",
                  "version": "10.1.0-M7",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "9.0.118",
                  "status": "affected",
                  "version": "9.0.83",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "9.0.82",
                  "status": "unaffected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eDetection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from 9.0.83 through 9.0.118.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119, which fixes the issue.\u003c/p\u003e"
                }
              ],
              "value": "Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from 9.0.83 through 9.0.118.\n\nUsers are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119, which fixes the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "low"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-390",
                  "description": "CWE-390 Detection of Error Condition Without Action",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-29T20:41:06.948Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/x510lbq0sfrd1qyo7q3r1mpllgpdcosk"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Apache Tomcat: Invalid CRL configuration doesn\u0027t trigger failure for FFM Connector",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-53434",
        "datePublished": "2026-06-29T20:41:06.948Z",
        "dateReserved": "2026-06-09T14:08:56.764Z",
        "dateUpdated": "2026-06-30T12:28:36.391Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-53404 (GCVE-0-2026-53404)

    Vulnerability from nvd – Published: 2026-06-29 20:39 – Updated: 2026-06-30 12:34
    VLAI
    Title
    Apache Tomcat: Bad ornext processing in RewriteValve
    Summary
    Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100. Other versions that have reached end of support may also be affected. Users are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119, which fix the issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-670 - Always-Incorrect Control Flow Implementation
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache Tomcat Affected: 11.0.0-M1 , ≤ 11.0.22 (semver)
    Affected: 10.1.0-M1 , ≤ 10.1.55 (semver)
    Affected: 9.0.0.M1 , ≤ 9.0.118 (semver)
    Affected: 8.5.0 , ≤ 8.5.100 (semver)
    Unaffected: 0 , < 8.0.0 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-29T22:24:25.256Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/21"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "LOW",
                  "baseScore": 7.3,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-53404",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T12:30:42.750259Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:34:20.821Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Apache Tomcat",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.22",
                  "status": "affected",
                  "version": "11.0.0-M1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.1.55",
                  "status": "affected",
                  "version": "10.1.0-M1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "9.0.118",
                  "status": "affected",
                  "version": "9.0.0.M1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.5.100",
                  "status": "affected",
                  "version": "8.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "8.0.0",
                  "status": "unaffected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAlways-Incorrect Control Flow Implementation vulnerability in Apache Tomcat\u0027s rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100. Other versions that have reached end of support may also be affected.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119, which fix the issue.\u003c/p\u003e"
                }
              ],
              "value": "Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat\u0027s rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100. Other versions that have reached end of support may also be affected.\n\nUsers are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119, which fix the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "low"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-670",
                  "description": "CWE-670 Always-Incorrect Control Flow Implementation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-29T20:39:45.317Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/rdhpghgfskrdmw9hqzjgjrtw538smpmz"
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "title": "Apache Tomcat: Bad ornext processing in RewriteValve",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-53404",
        "datePublished": "2026-06-29T20:39:45.317Z",
        "dateReserved": "2026-06-09T08:52:02.309Z",
        "dateUpdated": "2026-06-30T12:34:20.821Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-50229 (GCVE-0-2026-50229)

    Vulnerability from nvd – Published: 2026-06-29 20:36 – Updated: 2026-06-30 12:50
    VLAI
    Title
    Apache Tomcat: XSS in number guess example
    Summary
    Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in the number guess example for Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109. Other versions that have reached end of support may also be affected. Users are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119, which fix the issue.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache Tomcat Affected: 11.0.0-M1 , ≤ 11.0.22 (semver)
    Affected: 10.1.0-M1 , ≤ 10.1.55 (semver)
    Affected: 9.0.0.M1 , ≤ 9.0.118 (semver)
    Affected: 8.5.0 , ≤ 8.5.100 (semver)
    Affected: 7.0.0 , ≤ 7.0.109 (semver)
    Unknown: 0 , < 7.0.0 (semver)
    Create a notification for this product.
    Credits
    Erichen, Institute of Computing Technology, Chinese Academy of Sciences Yashar Shahinzadeh Amirmohammad Safari
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-29T22:24:20.838Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/20"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.1,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "CHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-50229",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T12:49:25.834984Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:50:01.539Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Apache Tomcat",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.22",
                  "status": "affected",
                  "version": "11.0.0-M1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.1.55",
                  "status": "affected",
                  "version": "10.1.0-M1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "9.0.118",
                  "status": "affected",
                  "version": "9.0.0.M1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.5.100",
                  "status": "affected",
                  "version": "8.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.0.109",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "7.0.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Erichen, Institute of Computing Technology, Chinese Academy of Sciences"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Yashar Shahinzadeh"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Amirmohammad Safari"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eImproper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in the number guess example for Apache Tomcat.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109. Other versions that have reached end of support may also be affected.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119, which fix the issue.\u003c/p\u003e"
                }
              ],
              "value": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in the number guess example for Apache Tomcat.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109. Other versions that have reached end of support may also be affected.\n\nUsers are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119, which fix the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "low"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-80",
                  "description": "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-29T20:37:30.642Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/wlt2no8bw45zl1w8byop4zfqphldf5j0"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Apache Tomcat: XSS in number guess example",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-50229",
        "datePublished": "2026-06-29T20:36:24.683Z",
        "dateReserved": "2026-06-04T09:39:23.609Z",
        "dateUpdated": "2026-06-30T12:50:01.539Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-53648 (GCVE-0-2025-53648)

    Vulnerability from cvelistv5 – Published: 2026-06-30 13:36 – Updated: 2026-06-30 17:35
    VLAI
    Title
    Apache Gravitino: SQL misconfiguration can access or truncate files
    Summary
    SQL misconfiguration in the Gravitino UI, in versions 1.0.0 and below, can allow a malicious user to read or truncate files. Users are recommended to upgrade to version 1.0.0, which fixes this issue.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache Gravitino Affected: 0.5.0 , < 1.0.0 (semver)
    Create a notification for this product.
    Credits
    A1kaid@ThreatBook VulTeam Le1a@ThreatBook VulTeam
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-53648",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T14:22:11.651013Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T14:22:18.393Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-30T17:35:41.726Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/30/2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.gravitino:catalog-jdbc-common",
              "product": "Apache Gravitino",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "1.0.0",
                  "status": "affected",
                  "version": "0.5.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "A1kaid@ThreatBook VulTeam"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Le1a@ThreatBook VulTeam"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003c/p\u003eSQL misconfiguration in the Gravitino UI, in versions 1.0.0 and below, can allow a malicious user to read or truncate files.\u003cbr\u003eUsers are recommended to upgrade to version 1.0.0, which fixes this issue.\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "SQL misconfiguration in the Gravitino UI, in versions 1.0.0 and below, can allow a malicious user to read or truncate files.\nUsers are recommended to upgrade to version 1.0.0, which fixes this issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "low"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T13:36:00.654Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/s0hytcv17z52dwp5dojjjwgrtqtyh2xk"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Apache Gravitino: SQL misconfiguration can access or truncate files",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2025-53648",
        "datePublished": "2026-06-30T13:36:00.654Z",
        "dateReserved": "2025-07-08T05:17:44.991Z",
        "dateUpdated": "2026-06-30T17:35:41.726Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-49434 (GCVE-0-2026-49434)

    Vulnerability from cvelistv5 – Published: 2026-06-30 09:55 – Updated: 2026-06-30 12:27
    VLAI
    Title
    Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: LdapNetworkConnector instantiates denied transports and a remote-properties broker
    Summary
    Improper Input Validation vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. An attacker that has access to publish or modify entries in LDAP that match the configured searchBase and searchFilter can instantiate denied transports inside the broker JVM. This can be used to fetch an attacker URL and spawn a second BrokerService inside the same JVM. This issue affects Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache ActiveMQ Broker Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ All Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Credits
    @Add Content
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-30T11:06:07.246Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/8"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-49434",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T12:27:23.416553Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:27:49.847Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-broker",
              "product": "Apache ActiveMQ Broker",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:apache-activemq",
              "product": "Apache ActiveMQ",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-all",
              "product": "Apache ActiveMQ All",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "@Add Content"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eImproper Input Validation vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All.\u003c/p\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn attacker that has access to publish or modify entries in LDAP that match the configured \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003esearchBase and searchFilter can instantiate denied transports inside the broker JVM. This can be used to \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003efetch an attacker URL and spawn a \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003esecond BrokerService inside the same JVM.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e\u003cp\u003eThis issue affects Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "Improper Input Validation vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All.\n\nAn attacker that has access to publish or modify entries in LDAP that match the configured searchBase and searchFilter can instantiate denied transports inside the broker JVM. This can be used to fetch an attacker URL and spawn a second BrokerService inside the same JVM.\nThis issue affects Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7.\n\n\nUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "moderate"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T09:55:29.533Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/hcjh7kdk4l85tb9ksmvcnkhso1ngj50o"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: LdapNetworkConnector instantiates denied transports and a remote-properties broker",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-49434",
        "datePublished": "2026-06-30T09:55:29.533Z",
        "dateReserved": "2026-05-29T20:48:53.860Z",
        "dateUpdated": "2026-06-30T12:27:49.847Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-49432 (GCVE-0-2026-49432)

    Vulnerability from cvelistv5 – Published: 2026-06-30 09:54 – Updated: 2026-06-30 15:55
    VLAI
    Title
    Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: STOMP negative content-length enables denial of service
    Summary
    Improper Input Validation vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. A remote unauthenticated peer that can reach an exposed STOMP connector can trigger denial-of-service behavior by sending a negative content-length. For the NIO STOMP transport, an attacker can keep streaming body bytes and grow the per-connection command buffer beyond configured limits to cause OOM. For the blocking STOMP protocol, an error will instead force abnormal transport exception handling for the affected connection and closure. This issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Stomp: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache ActiveMQ Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ All Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ Stomp Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Credits
    Youngjoon Kim
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-30T11:06:04.962Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/7"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-49432",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T15:50:46.422715Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T15:55:36.075Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:apache-activemq",
              "product": "Apache ActiveMQ",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-all",
              "product": "Apache ActiveMQ All",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-stomp",
              "product": "Apache ActiveMQ Stomp",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Youngjoon Kim"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eImproper Input Validation vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp.\u003c/p\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA remote unauthenticated peer that can reach an exposed STOMP connector can trigger denial-of-service behavior by sending a negative content-length. For the NIO STOMP transport, an attacker can keep streaming body bytes and grow the per-connection command buffer beyond configured limits to cause OOM. For the blocking STOMP protocol, an error will instead force abnormal transport exception handling for the affected connection and closure.\u003c/span\u003e\u003cbr\u003e\u003cp\u003eThis issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Stomp: before 5.19.8, from 6.0.0 before 6.2.7.\u003cbr\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "Improper Input Validation vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp.\n\nA remote unauthenticated peer that can reach an exposed STOMP connector can trigger denial-of-service behavior by sending a negative content-length. For the NIO STOMP transport, an attacker can keep streaming body bytes and grow the per-connection command buffer beyond configured limits to cause OOM. For the blocking STOMP protocol, an error will instead force abnormal transport exception handling for the affected connection and closure.\nThis issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Stomp: before 5.19.8, from 6.0.0 before 6.2.7.\n\n\n\n\nUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "important"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T09:54:38.991Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/fsjb26605syqr8xks249h8gkp86t55d2"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: STOMP negative content-length enables denial of service",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-49432",
        "datePublished": "2026-06-30T09:54:38.991Z",
        "dateReserved": "2026-05-29T20:35:56.881Z",
        "dateUpdated": "2026-06-30T15:55:36.075Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-49877 (GCVE-0-2026-49877)

    Vulnerability from cvelistv5 – Published: 2026-06-30 09:53 – Updated: 2026-06-30 12:29
    VLAI
    Title
    Apache ActiveMQ: Authenticated web users retain admin access by default in the Web Console
    Summary
    Improper Authorization vulnerability in Apache ActiveMQ. An authenticated low-privilege Web Console user by default can access /admin/* paths in the Web Console. The default Jetty settings incorrectly did not limit those paths to only admins. This issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache ActiveMQ Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Credits
    Leon Johnson (github: lokerxx)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-30T11:06:09.219Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/9"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 8.1,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-49877",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T12:29:08.635332Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:29:12.251Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:apache-activemq",
              "product": "Apache ActiveMQ",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Leon Johnson (github: lokerxx)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eImproper Authorization vulnerability in Apache ActiveMQ.\u003c/p\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn authenticated low-privilege Web Console user by default can access /admin/* paths in the Web Console. The default Jetty settings incorrectly did not limit those paths to only admins.\u003c/span\u003e\u003cbr\u003e\u003cp\u003eThis issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.\u003c/p\u003e"
                }
              ],
              "value": "Improper Authorization vulnerability in Apache ActiveMQ.\n\nAn authenticated low-privilege Web Console user by default can access /admin/* paths in the Web Console. The default Jetty settings incorrectly did not limit those paths to only admins.\nThis issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7.\n\nUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "important"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285 Improper Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T09:53:42.706Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/w82vtc3q02j5ot94tnyy1197y3wb98hl"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Apache ActiveMQ: Authenticated web users retain admin access by default in the Web Console",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-49877",
        "datePublished": "2026-06-30T09:53:42.706Z",
        "dateReserved": "2026-06-02T13:37:55.228Z",
        "dateUpdated": "2026-06-30T12:29:12.251Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-50734 (GCVE-0-2026-50734)

    Vulnerability from cvelistv5 – Published: 2026-06-30 09:53 – Updated: 2026-06-30 12:32
    VLAI
    Title
    Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire memory-allocation DoS during wire format negotiation
    Summary
    Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validate and causes the broker to attempt allocation during pre-auth negotiation which can trigger OOM and crash the broker. This issue affects Apache ActiveMQ Client: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-789 - Memory Allocation with Excessive Size Value
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache ActiveMQ Client Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ All Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Credits
    Andrej Tomci
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-30T11:06:17.570Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/10"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-50734",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T12:32:21.060414Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:32:25.918Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-client",
              "product": "Apache ActiveMQ Client",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:apache-activemq",
              "product": "Apache ActiveMQ",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-all",
              "product": "Apache ActiveMQ All",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Andrej Tomci"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eMemory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All.\u003c/p\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validate and causes the broker to attempt allocation during pre-auth negotiation which can trigger OOM and crash the broker.\u003c/span\u003e\u003cbr\u003e\u003cp\u003eThis issue affects Apache ActiveMQ Client: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.\u003c/p\u003e"
                }
              ],
              "value": "Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All.\n\nAn unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validate and causes the broker to attempt allocation during pre-auth negotiation which can trigger OOM and crash the broker.\nThis issue affects Apache ActiveMQ Client: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7.\n\nUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "important"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-789",
                  "description": "CWE-789 Memory Allocation with Excessive Size Value",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T09:53:03.435Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/nxso951fnvf72qf9m475mpz4yf931xk0"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire memory-allocation DoS during wire format negotiation",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-50734",
        "datePublished": "2026-06-30T09:53:03.435Z",
        "dateReserved": "2026-06-05T17:01:29.414Z",
        "dateUpdated": "2026-06-30T12:32:25.918Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-50750 (GCVE-0-2026-50750)

    Vulnerability from cvelistv5 – Published: 2026-06-30 09:51 – Updated: 2026-06-30 13:21
    VLAI
    Title
    Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire DoS following fix for CVE-2026-49270
    Summary
    Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Following the fix for CVE-2026-49270 an unauthenticated attacker can now cause broker OOM by sending an repeated BrokerInfo commands without sending a ConnectionInfo, until the broker will crash with OOM. This issue affects Apache ActiveMQ Broker: from 5.19.7 before 5.19.8, from 6.2.6 before 6.2.7; Apache ActiveMQ: from 5.19.7 before 5.19.8, from 6.2.6 before 6.2.7; Apache ActiveMQ All: from 5.19.7 before 5.19.8, from 6.2.6 before 6.2.7. Users are recommended to upgrade to version 6.2.7, which fixes the issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Denial of Service via Out of Memory
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    References
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache ActiveMQ Broker Affected: 5.19.7 , < 5.19.8 (semver)
    Affected: 6.2.6 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ Affected: 5.19.7 , < 5.19.8 (semver)
    Affected: 6.2.6 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ All Affected: 5.19.7 , < 5.19.8 (semver)
    Affected: 6.2.6 , < 6.2.7 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-50750",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:21:40.113842Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-400",
                    "description": "CWE-400 Uncontrolled Resource Consumption",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:21:45.456Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-broker",
              "product": "Apache ActiveMQ Broker",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "5.19.7",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.2.6",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:apache-activemq",
              "product": "Apache ActiveMQ",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "5.19.7",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.2.6",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-all",
              "product": "Apache ActiveMQ All",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "5.19.7",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.2.6",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eDenial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All.\u003c/p\u003eFollowing the fix for  CVE-2026-49270\u0026nbsp;an unauthenticated attacker can now cause broker OOM by sending an repeated BrokerInfo commands without sending\u0026nbsp;a ConnectionInfo, until the broker will crash with OOM.\u003cbr\u003e\u003cp\u003eThis issue affects Apache ActiveMQ Broker: from 5.19.7 before 5.19.8, from 6.2.6 before 6.2.7; Apache ActiveMQ: from 5.19.7 before 5.19.8, from 6.2.6 before 6.2.7; Apache ActiveMQ All: from 5.19.7 before 5.19.8, from 6.2.6 before 6.2.7.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 6.2.7, which fixes the issue.\u003c/p\u003e"
                }
              ],
              "value": "Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All.\n\nFollowing the fix for  CVE-2026-49270\u00a0an unauthenticated attacker can now cause broker OOM by sending an repeated BrokerInfo commands without sending\u00a0a ConnectionInfo, until the broker will crash with OOM.\nThis issue affects Apache ActiveMQ Broker: from 5.19.7 before 5.19.8, from 6.2.6 before 6.2.7; Apache ActiveMQ: from 5.19.7 before 5.19.8, from 6.2.6 before 6.2.7; Apache ActiveMQ All: from 5.19.7 before 5.19.8, from 6.2.6 before 6.2.7.\n\nUsers are recommended to upgrade to version 6.2.7, which fixes the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "important"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of Service via Out of Memory",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T09:51:57.035Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/nhkmbdym61yp6wwy0dny8w1p46sm87kr"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire DoS following fix for CVE-2026-49270",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-50750",
        "datePublished": "2026-06-30T09:51:57.035Z",
        "dateReserved": "2026-06-06T19:20:20.134Z",
        "dateUpdated": "2026-06-30T13:21:45.456Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-52760 (GCVE-0-2026-52760)

    Vulnerability from cvelistv5 – Published: 2026-06-30 09:50 – Updated: 2026-06-30 15:58
    VLAI
    Title
    Apache ActiveMQ, Apache ActiveMQ Web Console: Stored XSS via Unescaped values in ActiveMQ Web Console
    Summary
    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache ActiveMQ, Apache ActiveMQ Web Console. The browse page in the web console renders a message Id directly without sanitization. This allows an authenticated producer to send a message with a JMS message ID that has been crafted to contain HTML/JavaScript such that when an administrator browses the queue in the Web Console, the payload executes in their browser. This issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Web Console: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache ActiveMQ Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ Web Console Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Credits
    Biswajeet Ray
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-30T11:06:19.413Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/12"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.1,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "CHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-52760",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T15:56:07.090596Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T15:58:39.098Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:apache-activemq",
              "product": "Apache ActiveMQ",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:apache-web-console",
              "product": "Apache ActiveMQ Web Console",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Biswajeet Ray"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eImproper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Apache ActiveMQ, Apache ActiveMQ Web Console.\u003c/p\u003eThe browse page in the web console renders a message Id directly without sanitization. This allows an authenticated producer to send a\u0026nbsp;message with a JMS message ID that has been\u0026nbsp;crafted to contain HTML/JavaScript such that when\u0026nbsp;an administrator browses the queue in the Web Console, the payload executes in their browser.\u003cbr\u003e\u003cp\u003eThis issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Web Console: before 5.19.8, from 6.0.0 before 6.2.7.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.\u003c/p\u003e"
                }
              ],
              "value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Apache ActiveMQ, Apache ActiveMQ Web Console.\n\nThe browse page in the web console renders a message Id directly without sanitization. This allows an authenticated producer to send a\u00a0message with a JMS message ID that has been\u00a0crafted to contain HTML/JavaScript such that when\u00a0an administrator browses the queue in the Web Console, the payload executes in their browser.\nThis issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Web Console: before 5.19.8, from 6.0.0 before 6.2.7.\n\nUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "moderate"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T09:50:30.176Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/d3mhyo2116nomz2lwxppyy4pclvdxq3n"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Apache ActiveMQ, Apache ActiveMQ Web Console: Stored XSS via Unescaped values in ActiveMQ Web Console",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-52760",
        "datePublished": "2026-06-30T09:50:30.176Z",
        "dateReserved": "2026-06-08T15:39:32.251Z",
        "dateUpdated": "2026-06-30T15:58:39.098Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-53916 (GCVE-0-2026-53916)

    Vulnerability from cvelistv5 – Published: 2026-06-30 09:49 – Updated: 2026-06-30 15:58
    VLAI
    Title
    Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: Unbounded header buffer in STOMP NIO codec
    Summary
    Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. An unauthenticated client that opens a STOMP NIO connection can send header bytes that never terminate which makes the broker buffer them without limit, exhausting the JVM heap. This issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Stomp: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-789 - Memory Allocation with Excessive Size Value
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache ActiveMQ Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ All Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ Stomp Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Credits
    tonghuaroot
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-30T11:06:21.374Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/13"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-53916",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T15:56:52.538590Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T15:58:46.098Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:apache-activemq",
              "product": "Apache ActiveMQ",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-all",
              "product": "Apache ActiveMQ All",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-stomp",
              "product": "Apache ActiveMQ Stomp",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "tonghuaroot"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eMemory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp.\u003cbr\u003e\u003c/p\u003eAn unauthenticated client that opens a STOMP NIO connection can send header bytes that never terminate which makes the broker buffer them without limit,\u0026nbsp;exhausting\u0026nbsp;the JVM heap. \u003cbr\u003e\u003cp\u003eThis issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Stomp: before 5.19.8, from 6.0.0 before 6.2.7.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.\u003c/p\u003e"
                }
              ],
              "value": "Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp.\n\n\nAn unauthenticated client that opens a STOMP NIO connection can send header bytes that never terminate which makes the broker buffer them without limit,\u00a0exhausting\u00a0the JVM heap. \nThis issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Stomp: before 5.19.8, from 6.0.0 before 6.2.7.\n\nUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "important"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-789",
                  "description": "CWE-789 Memory Allocation with Excessive Size Value",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T09:49:55.655Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/07hjsj88hqgsb7vvg6ttsj56ts9vjs5n"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: Unbounded header buffer in STOMP NIO codec",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-53916",
        "datePublished": "2026-06-30T09:49:55.655Z",
        "dateReserved": "2026-06-11T14:36:08.703Z",
        "dateUpdated": "2026-06-30T15:58:46.098Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-53917 (GCVE-0-2026-53917)

    Vulnerability from cvelistv5 – Published: 2026-06-30 09:49 – Updated: 2026-06-30 14:51
    VLAI
    Title
    Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker: Unbounded memory allocation in OpenWire property unmarshalling
    Summary
    Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker. An authenticated user can cause a broker DoS by sending a crafted OpenWire Message with a large encoded size value for the map. OpenWire message property maps are unmarshaled without size validation which can trigger OOM and crash the broker. This issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Client: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-789 - Memory Allocation with Excessive Size Value
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache ActiveMQ Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ All Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ Client Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ Broker Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Credits
    tonghuaroot
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-30T11:06:23.280Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/14"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-53917",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T14:51:28.341266Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T14:51:31.720Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:apache-activemq",
              "product": "Apache ActiveMQ",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-all",
              "product": "Apache ActiveMQ All",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-client",
              "product": "Apache ActiveMQ Client",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-broker",
              "product": "Apache ActiveMQ Broker",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "tonghuaroot"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eMemory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker.\u003c/p\u003eAn authenticated user can cause a broker DoS by sending a crafted OpenWire Message with a large encoded size value for the map. \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eOpenWire message property maps are unmarshaled without size validation\u003c/span\u003e\u0026nbsp;which can trigger OOM and crash the broker.\u003cbr\u003e\u003cp\u003eThis issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Client: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.\u003c/p\u003e"
                }
              ],
              "value": "Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker.\n\nAn authenticated user can cause a broker DoS by sending a crafted OpenWire Message with a large encoded size value for the map. OpenWire message property maps are unmarshaled without size validation\u00a0which can trigger OOM and crash the broker.\nThis issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Client: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7.\n\nUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "important"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-789",
                  "description": "CWE-789 Memory Allocation with Excessive Size Value",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T09:49:17.388Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/grrd1mwgkgblqjbwkkq6dvmdxd9ov2dx"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker: Unbounded memory allocation in OpenWire property unmarshalling",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-53917",
        "datePublished": "2026-06-30T09:49:17.388Z",
        "dateReserved": "2026-06-11T14:45:46.575Z",
        "dateUpdated": "2026-06-30T14:51:31.720Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-54475 (GCVE-0-2026-54475)

    Vulnerability from cvelistv5 – Published: 2026-06-30 09:48 – Updated: 2026-06-30 14:52
    VLAI
    Title
    Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Temporary destination ownership takeover
    Summary
    Missing Authorization vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic temporary destinations are expected to be isolated to the connection that created them. The isolation can be broken as this is only checked in the client, allowing a different connection to consume from another connection's temporary destination. This issue affects Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7, which fixes the issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache ActiveMQ Broker Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ All Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Apache Software Foundation Apache ActiveMQ Affected: 0 , < 5.19.8 (semver)
    Affected: 6.0.0 , < 6.2.7 (semver)
    Create a notification for this product.
    Credits
    Leon Johnson (github: lokerxx)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-30T11:06:25.154Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/15"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-54475",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T14:52:21.373754Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T14:52:25.352Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-broker",
              "product": "Apache ActiveMQ Broker",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:activemq-all",
              "product": "Apache ActiveMQ All",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "org.apache.activemq:apache-activemq",
              "product": "Apache ActiveMQ",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThan": "5.19.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.2.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Leon Johnson (github: lokerxx)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eMissing Authorization vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ.\u003c/p\u003eApache ActiveMQ Classic temporary destinations are expected to be isolated to the connection that created them. The isolation can be broken as this is only checked in the client, allowing a\u0026nbsp;different connection to consume from another connection\u0027s temporary\u003cbr\u003edestination.\u003cbr\u003e\u003cp\u003eThis issue affects Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 6.2.7, which fixes the issue.\u003c/p\u003e"
                }
              ],
              "value": "Missing Authorization vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ.\n\nApache ActiveMQ Classic temporary destinations are expected to be isolated to the connection that created them. The isolation can be broken as this is only checked in the client, allowing a\u00a0different connection to consume from another connection\u0027s temporary\ndestination.\nThis issue affects Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7.\n\nUsers are recommended to upgrade to version 6.2.7, which fixes the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "important"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-862",
                  "description": "CWE-862 Missing Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T09:48:28.852Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/85f3q7mkh71y7qwyn6wvgw0bw4jl06ys"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Temporary destination ownership takeover",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-54475",
        "datePublished": "2026-06-30T09:48:28.852Z",
        "dateReserved": "2026-06-15T16:52:41.340Z",
        "dateUpdated": "2026-06-30T14:52:25.352Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-55957 (GCVE-0-2026-55957)

    Vulnerability from cvelistv5 – Published: 2026-06-29 20:47 – Updated: 2026-06-30 13:27
    VLAI
    Title
    Apache Tomcat: Authentication bypass with JNDIRealm and GSSAPI authenticated bind
    Summary
    Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI allowed attackers to authenticate without provided the correct password. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.4, from 10.1.0-M1 through 10.1.36, from 9.0.0.M1 through 9.0.100, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109. Users are recommended to upgrade to version 11.0.5, 10.1.37 or 9.0.101, which fixes the issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-304 - Missing Critical Step in Authentication
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache Tomcat Affected: 11.0.0-M1 , ≤ 11.0.4 (semver)
    Affected: 10.1.0-M1 , ≤ 10.1.36 (semver)
    Affected: 9.0.0.M1 , ≤ 9.0.100 (semver)
    Affected: 8.5.0 , ≤ 8.5.100 (semver)
    Affected: 7.0.0 , ≤ 7.0.109 (semver)
    Unknown: 0 , < 7.0.0 (semver)
    Create a notification for this product.
    Credits
    Ilan Toyter
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-29T22:24:34.997Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/26"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "LOW",
                  "baseScore": 7.3,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-55957",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:26:38.087999Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:27:37.064Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Apache Tomcat",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.4",
                  "status": "affected",
                  "version": "11.0.0-M1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.1.36",
                  "status": "affected",
                  "version": "10.1.0-M1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "9.0.100",
                  "status": "affected",
                  "version": "9.0.0.M1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.5.100",
                  "status": "affected",
                  "version": "8.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.0.109",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "7.0.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Ilan Toyter"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eMissing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI allowed attackers to authenticate without provided the correct password.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.4, from 10.1.0-M1 through 10.1.36, from 9.0.0.M1 through 9.0.100, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.5, 10.1.37 or 9.0.101, which fixes the issue.\u003c/p\u003e"
                }
              ],
              "value": "Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI allowed attackers to authenticate without provided the correct password.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.4, from 10.1.0-M1 through 10.1.36, from 9.0.0.M1 through 9.0.100, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109.\n\nUsers are recommended to upgrade to version 11.0.5, 10.1.37 or 9.0.101, which fixes the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "important"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-304",
                  "description": "CWE-304 Missing Critical Step in Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-29T20:47:12.661Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/7fk339o5jvd4mcgsf0chbrn4o525ccjh"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Apache Tomcat: Authentication bypass with JNDIRealm and GSSAPI authenticated bind",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-55957",
        "datePublished": "2026-06-29T20:47:12.661Z",
        "dateReserved": "2026-06-17T19:25:28.759Z",
        "dateUpdated": "2026-06-30T13:27:37.064Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-55956 (GCVE-0-2026-55956)

    Vulnerability from cvelistv5 – Published: 2026-06-29 20:46 – Updated: 2026-06-30 13:25
    VLAI
    Title
    Apache Tomcat: Security constraints for default servlet ignored method
    Summary
    Improper Authorization vulnerability in Apache Tomcat leads to security constraints specified for the default servlet ignoring any method or method omission configured as part of the constraint. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109. Other versions that have reached end of support may also be affected. Users are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119, which fix the issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Apache Software Foundation Apache Tomcat Affected: 11.0.0-M1 , ≤ 11.0.22 (semver)
    Affected: 10.1.0-M1 , ≤ 10.1.55 (semver)
    Affected: 9.0.0.M1 , ≤ 9.0.118 (semver)
    Affected: 8.5.0 , ≤ 8.5.100 (semver)
    Affected: 7.0.0 , ≤ 7.0.109 (semver)
    Unknown: 0 , < 7.0.0 (semver)
    Create a notification for this product.
    Credits
    j0hndo (dohyun4466@gmail.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-06-29T22:24:34.042Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/06/29/25"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-55956",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:23:02.427983Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:25:31.049Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Apache Tomcat",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.22",
                  "status": "affected",
                  "version": "11.0.0-M1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.1.55",
                  "status": "affected",
                  "version": "10.1.0-M1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "9.0.118",
                  "status": "affected",
                  "version": "9.0.0.M1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.5.100",
                  "status": "affected",
                  "version": "8.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.0.109",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "7.0.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "j0hndo (dohyun4466@gmail.com)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eImproper Authorization vulnerability in Apache Tomcat leads to security constraints specified for the default servlet ignoring any method or method omission configured as part of the constraint.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109. Other versions that have reached end of support may also be affected.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119, which fix the issue.\u003c/p\u003e"
                }
              ],
              "value": "Improper Authorization vulnerability in Apache Tomcat leads to security constraints specified for the default servlet ignoring any method or method omission configured as part of the constraint.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109. Other versions that have reached end of support may also be affected.\n\nUsers are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119, which fix the issue."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "text": "moderate"
                },
                "type": "Textual description of severity"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285 Improper Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-29T20:46:02.927Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.apache.org/thread/dcjdcnnnww9hhdm016hr0l7hpw1bzjfp"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Apache Tomcat: Security constraints for default servlet ignored method",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2026-55956",
        "datePublished": "2026-06-29T20:46:02.927Z",
        "dateReserved": "2026-06-17T18:36:32.030Z",
        "dateUpdated": "2026-06-30T13:25:31.049Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CERTFR-2026-AVI-0817

    Vulnerability from certfr_avis - Published: 2026-06-30 - Updated: 2026-06-30

    De multiples vulnérabilités ont été découvertes dans Apache Tomcat. Certaines d'entre elles permettent à un attaquant de provoquer une injection de code indirecte à distance (XSS), un contournement de la politique de sécurité et un problème de sécurité non spécifié par l'éditeur.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    Apache Tomcat Tomcat versions 11.0.x antérieures à 11.0.23
    Apache Tomcat Tomcat versions 10.1.x antérieures à 10.1.56
    Apache Tomcat Tomcat versions 9.0.x antérieures à 9.0.119
    References

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "Tomcat versions 11.0.x ant\u00e9rieures \u00e0 11.0.23",
          "product": {
            "name": "Tomcat",
            "vendor": {
              "name": "Apache",
              "scada": false
            }
          }
        },
        {
          "description": "Tomcat versions 10.1.x ant\u00e9rieures \u00e0 10.1.56",
          "product": {
            "name": "Tomcat",
            "vendor": {
              "name": "Apache",
              "scada": false
            }
          }
        },
        {
          "description": "Tomcat versions 9.0.x ant\u00e9rieures \u00e0 9.0.119",
          "product": {
            "name": "Tomcat",
            "vendor": {
              "name": "Apache",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2026-55276",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-55276"
        },
        {
          "name": "CVE-2026-50229",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-50229"
        },
        {
          "name": "CVE-2026-55956",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-55956"
        },
        {
          "name": "CVE-2026-55955",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-55955"
        },
        {
          "name": "CVE-2026-53434",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-53434"
        },
        {
          "name": "CVE-2026-53404",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-53404"
        }
      ],
      "initial_release_date": "2026-06-30T00:00:00",
      "last_revision_date": "2026-06-30T00:00:00",
      "links": [],
      "reference": "CERTFR-2026-AVI-0817",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2026-06-30T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Injection de code indirecte \u00e0 distance (XSS)"
        },
        {
          "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
        },
        {
          "description": "Contournement de la politique de s\u00e9curit\u00e9"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Apache Tomcat. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une injection de code indirecte \u00e0 distance (XSS), un contournement de la politique de s\u00e9curit\u00e9 et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apache Tomcat",
      "vendor_advisories": [
        {
          "published_at": "2026-06-23",
          "title": "Bulletin de s\u00e9curit\u00e9 Apache Tomcat Apache_Tomcat_9.0.119",
          "url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.119"
        },
        {
          "published_at": "2026-06-22",
          "title": "Bulletin de s\u00e9curit\u00e9 Apache Tomcat Apache_Tomcat_10.1.56",
          "url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.56"
        },
        {
          "published_at": "2026-06-22",
          "title": "Bulletin de s\u00e9curit\u00e9 Apache Tomcat Apache_Tomcat_11.0.23",
          "url": "https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.23"
        }
      ]
    }