Org.apache.activemq:apache-activemq
This hub aggregates every CVE we track for Org.apache.activemq:apache-activemq, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
4
CVEs tracked
0
Critical
2
High
0
In CISA KEV
Severity distribution
HIGH2MEDIUM2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
2024-072026-06
Latest CVEs
The 4 most recently published vulnerabilities affecting Org.apache.activemq:apache-activemq.
- CVE-2025-66168Apache ActiveMQ, Apache ActiveMQ All Module, Apache ActiveMQ MQTT Module: MQTT control packet remaining length field is not properly validated5.4
- CVE-2024-32114Apache ActiveMQ: Jolokia and REST API were not secured with default configuration8.5
- CVE-2022-41678Apache ActiveMQ: Insufficient API restrictions on Jolokia allow authenticated users to perform RCE8.8
- CVE-2012-6551The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service (broker resource consumption) via HTTP requests.5.0
Product normalization is registry-driven with AI assist and human review. How it works