Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire DoS following fix for CVE-2026-49270
Vulnerability Description
Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Following the fix for CVE-2026-49270 an unauthenticated attacker can now cause broker OOM by sending an repeated BrokerInfo commands without sending a ConnectionInfo, until the broker will crash with OOM. This issue affects Apache ActiveMQ Broker: from 5.19.7 before 5.19.8, from 6.2.6 before 6.2.7; Apache ActiveMQ: from 5.19.7 before 5.19.8, from 6.2.6 before 6.2.7; Apache ActiveMQ All: from 5.19.7 before 5.19.8, from 6.2.6 before 6.2.7. Users are recommended to upgrade to version 6.2.7, which fixes the issue.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache ActiveMQ 资源管理错误漏洞
Vulnerability Description
Apache ActiveMQ是Apache基金会的一款消息队列中间件。 Apache ActiveMQ存在资源管理错误漏洞,该漏洞源于发送重复的BrokerInfo命令而不发送ConnectionInfo,可能导致未经身份验证的攻击者造成代理OOM,直至代理崩溃。以下版本受到影响:Apache ActiveMQ Broker 5.19.8之前版本和6.2.7之前版本;Apache ActiveMQ 5.19.8之前版本和6.2.7之前版本;Apache ActiveMQ All 5.19.8之前版本和6
CVSS Information
N/A
Vulnerability Type
N/A