Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Apache ActiveMQ Classic RCE remote code execution flaw (multiple vulnerabilities)

Vulnerability
First reported
Last updated
Happening score
H score 49
2 unique sources, 2 articles

Summary

Hide ▲

Apache ActiveMQ Classic operators need to patch CVE-2026-34197, a remote code execution flaw that can let an attacker trigger arbitrary OS commands through the Jolokia API. The risk is higher on deployments using default credentials and on 6.0.0-6.1.1, where CVE-2024-32114 can make the issue effectively unauthenticated.

Related Happenings

CISA Apache ActiveMQ CVE-2026-34197 mitigation order

Advisory/Mitigation
First: 21.04.2026 14:17 Last: 21.04.2026 14:17 Sources 1

How related: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) also warned on Thursday that this Apache ActiveMQ vulnerability is now actively exploited in attacks and ordered Federal Civilian Executive Branch (FCEB) agencies to secure their servers by April 30.

About this happening: **CISA** ordered **FCEB agencies** to secure **Apache ActiveMQ** servers by **April 30** after **CVE-2026-34197** was confirmed **actively exploited**. The flaw can allow **arbitr...

Open Happening

CISA KEV listing and FCEB ActiveMQ patch order

Public Sector Action
First: 17.04.2026 12:30 Last: 17.04.2026 12:30 Sources 1

How related: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) also warned on Thursday that this Apache ActiveMQ vulnerability is now actively exploited in attacks and ordered Federal Civilian Executive Branch (FCEB) agencies to secure their servers by April 30.

About this happening: **CISA** added **CVE-2026-34197** to the **KEV Catalog** and ordered **FCEB** agencies to patch **Apache ActiveMQ** servers within **two weeks**. The directive sets a hard **April...

Open Happening

Cloud Software Group NetScaler urgent remediation advisory

Advisory/Mitigation
First: 25.03.2026 17:52 Last: 25.03.2026 17:52 Sources 1

About this happening: **Cloud Software Group** issued urgent remediation guidance for **NetScaler ADC** and **NetScaler Gateway**, telling affected customers to install updated versions as soon as poss...

Open Happening

CISA KEV remediation deadline for SolarWinds WHD CVE-2025-40551

Public Sector Action
First: 04.02.2026 07:50 Last: 04.02.2026 07:50 Sources 1

About this happening: **CISA** added **CVE-2025-40551** in **SolarWinds Web Help Desk** to the **KEV catalog** and imposed **federal remediation deadlines**, turning a newly exploited flaw into a compl...

Open Happening

Timeline

  1. 07.04.2026 03:00 2 articles · 1mo ago

    Horizon3.ai discloses CVE-2026-34197 in Apache ActiveMQ Classic

    Initial Disclosure

    Horizon3.ai researcher Naveen Sunkavally disclosed CVE-2026-34197 in Apache ActiveMQ Classic, warning that an attacker can abuse ActiveMQ’s Jolokia API to fetch a remote configuration file and run arbitrary OS commands. The bug normally requires credentials, but default credentials such as admin:admin are common, and on ActiveMQ Classic 6.0.0-6.1.1 the Jolokia API can be exposed without authentication because of CVE-2024-32114. He also said the flaw was patched in ActiveMQ Classic 5.19.4 and 6.2.3 and that affected operators should update and remove default credentials.

    Show sources
    Open in new tab