pkg:Maven/org.apache.activemq:activemq-all

8 total CVEsHIGH4MEDIUM4

✅ Check your installed version

All known vulnerabilities

  • HIGH8.8CVE-2026-34197⚠ KEVApache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Authenticated users could perform RCE via Jolokia MBeans
    from 0, < 5.19.5
  • HIGH8.8CVE-2026-41044Apache ActiveMQ Vulnerable to Code Injection
    from 0, < 5.19.6
  • HIGH8.8CVE-2026-40466Apache ActiveMQ Vulnerable to Improper Input Validation and Code Injection
    from 0, < 5.19.6
  • HIGH7.5CVE-2026-39304Apache ActiveMQ: Denial of Service via Out of Memory vulnerability
    from 0, < 5.19.4
  • MEDIUM6.5CVE-2026-41043Apache ActiveMQ Vulnerable to Cross-site Scripting
    from 0, < 5.19.6
  • MEDIUM5.4CVE-2026-40046Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ MQTT: Missing fix for CVE-2025-66168: MQTT control packet remaining length field is not properly validated
    >= 6.0.0, < 6.2.4
  • MEDIUM5.4CVE-2025-66168Apache ActiveMQ, Apache ActiveMQ All Module, Apache ActiveMQ MQTT Module: MQTT control packet remaining length field is not properly validated
    from 0, < 5.19.2
  • MEDIUM4.3CVE-2026-33227Apache ActiveMQ: Improper validation and restriction of a classpath path name
    from 0, < 5.19.3