Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-40914 |
|
Authorization Flaw in org.apache.artemis:artemis-stomp-protocol (CVE-2026-40914)
vulnerability in org.apache.artemis:artemis-stomp-protocol (CVE-2026-40914). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32642 |
|
Authorization Flaw in apache (CVE-2026-32642)
vulnerability in apache (CVE-2026-32642). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-27446 |
|
Vulnerability in org.apache.activemq:artemis-server (CVE-2026-27446)
vulnerability in org.apache.activemq:artemis-server (CVE-2026-27446). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.52.0` or later.
|
| CVE-2025-27391 |
|
Vulnerability in apache (CVE-2025-27391)
vulnerability in apache (CVE-2025-27391). Confidential information can be exposed externally.
|
| CVE-2025-27427 |
|
Authorization Flaw in apache (CVE-2025-27427)
vulnerability in apache (CVE-2025-27427). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-50780 |
|
Vulnerability in apache (CVE-2023-50780)
vulnerability in apache (CVE-2023-50780). Successful exploitation can lead to full system takeover.
|
| CVE-2021-4040 |
|
Vulnerability in redhat (CVE-2021-4040)
vulnerability in redhat (CVE-2021-4040). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-35278 |
|
Cross-Site Scripting (XSS) in org.apache.activemq:artemis-server (CVE-2022-35278)
cross-site scripting in org.apache.activemq:artemis-server (CVE-2022-35278). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.24.0` or later.
|
| CVE-2022-23913 |
|
Vulnerability in org.apache.activemq:artemis-core-client (CVE-2022-23913)
vulnerability in org.apache.activemq:artemis-core-client (CVE-2022-23913). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.19.1` or later.
|
| CVE-2021-26117 |
|
Authentication Bypass in apache (CVE-2021-26117)
authentication bypass in apache (CVE-2021-26117). Data can be tampered with by attackers.
|
| CVE-2021-26118 |
|
Vulnerability in org.apache.activemq:artemis-openwire-protocol (CVE-2021-26118)
vulnerability in org.apache.activemq:artemis-openwire-protocol (CVE-2021-26118). Data can be tampered with by attackers. Mitigation: upgrade to `2.16.0` or later.
|
| CVE-2020-13932 |
|
Cross-Site Scripting (XSS) in org.apache.activemq:apache-artemis (CVE-2020-13932)
cross-site scripting in org.apache.activemq:apache-artemis (CVE-2020-13932). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.14.0` or later.
|
| CVE-2020-10727 |
|
Vulnerability in org.apache.activemq:artemis-commons (CVE-2020-10727)
vulnerability in org.apache.activemq:artemis-commons (CVE-2020-10727). Confidential information can be exposed externally. Exploitable via ``resetUsers``. Mitigation: upgrade to `2.13.0` or later.
|
| CVE-2017-12174 |
|
Vulnerability in apache (CVE-2017-12174)
vulnerability in apache (CVE-2017-12174). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4978 |
|
Unsafe Deserialization in apache (CVE-2016-4978)
vulnerability in apache (CVE-2016-4978). Successful exploitation can lead to full system takeover.
|