wid-sec-w-2026-1258 · Published 2026-04-23 · View on BSI CERT-Bund ↗

Apache ActiveMQ: Multiple Vulnerabilities

CVSS N/A NONE

Risk Summary

Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Apache ActiveMQ ausnutzen, um beliebigen Programmcode auszuführen oder Cross-Site-Scripting-Angriffe durchzuführen.

CVEs (3)

CVE-2026-40466 CVE-2026-41043 CVE-2026-41044

Affected Vendors

Apache

Affected Products (16)

Apache · ActiveMQ Broker <5.19.6

Apache · ActiveMQ Broker 5.19.6

Apache · ActiveMQ Broker <6.2.5

Apache · ActiveMQ Broker 6.2.5

Apache · ActiveMQ All <6.2.5

Apache · ActiveMQ All 6.2.5

Apache · ActiveMQ All <5.19.6

Apache · ActiveMQ All 5.19.6

Apache · ActiveMQ <5.19.6

Apache · ActiveMQ 5.19.6

Apache · ActiveMQ <6.2.5

Apache · ActiveMQ 6.2.5

Apache · ActiveMQ Web <6.2.5

Apache · ActiveMQ Web 6.2.5

Apache · ActiveMQ Web <5.19.6

Apache · ActiveMQ Web 5.19.6

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more