pkg:Maven/org.apache.activemq:apache-activemq

9 total CVEsHIGH5MEDIUM3

✅ Check your installed version

All known vulnerabilities

  • HIGH8.8CVE-2026-41044Apache ActiveMQ Vulnerable to Code Injection
    from 0, < 5.19.6
  • HIGH8.8CVE-2026-40466Apache ActiveMQ Vulnerable to Improper Input Validation and Code Injection
    from 0, < 5.19.6
  • HIGH8.8CVE-2024-32114Apache ActiveMQ's default configuration doesn't secure the API web context
    >= 6.0.0, < 6.1.2
  • HIGH8.8CVE-2022-41678Apache ActiveMQ: Insufficient API restrictions on Jolokia allow authenticated users to perform RCE
    from 0, < 5.16.6
  • HIGH7.5CVE-2026-39304Apache ActiveMQ: Denial of Service via Out of Memory vulnerability
    from 0, < 5.19.4
  • MEDIUM6.5CVE-2026-41043Apache ActiveMQ Vulnerable to Cross-site Scripting
    from 0, < 5.19.6
  • MEDIUM5.4CVE-2026-40046Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ MQTT: Missing fix for CVE-2025-66168: MQTT control packet remaining length field is not properly validated
    >= 6.0.0, < 6.2.4
  • MEDIUM5.4CVE-2025-66168Apache ActiveMQ, Apache ActiveMQ All Module, Apache ActiveMQ MQTT Module: MQTT control packet remaining length field is not properly validated
    from 0, < 5.19.2
  • CVE-2012-6551Apache ActiveMQ default configuration subject to denial of service
    from 0, < 5.8.0