Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

CISA Apache ActiveMQ CVE-2026-34197 mitigation order

Advisory/Mitigation
First reported
Last updated
Happening score
H score 45
1 unique sources, 1 articles

Summary

Hide ▲

CISA ordered FCEB agencies to secure Apache ActiveMQ servers by April 30 after CVE-2026-34197 was confirmed actively exploited. The flaw can allow arbitrary code execution on unpatched systems, making exposed deployments urgent to remediate. Agencies are told to apply vendor mitigations or discontinue use if no mitigations are available.

Related Happenings

OpenDCIM multi-flaw exploitation wave (CVE-2026-28515, CVE-2026-28516, CVE-2026-28517)

Exploitation Wave
First: 17.05.2026 14:57 Last: 17.05.2026 14:57 Sources 1

About this happening: **openDCIM** is seeing an **active exploitation wave** tied to **CVE-2026-28515**, **CVE-2026-28516**, and **CVE-2026-28517**, with attackers targeting vulnerable installations an...

Open Happening

Microsoft Exchange CVE-2026-42897 mitigation advisory

Advisory/Mitigation
First: 15.05.2026 12:40 Last: 15.05.2026 12:40 Sources 1

About this happening: **Microsoft** issued immediate mitigation guidance for **CVE-2026-42897**, reducing risk for **Exchange Server 2016, 2019, and Subscription Edition (SE)** on-premises servers that...

Latest development: 15.05.2026 15:35

Microsoft issued temporary mitigation guidance for CVE-2026-42897 while a patch is still in development, recommending the Exchange Emergency Mitigation (EM) Service, which is enabled by default and can be checked with the Exchange Health Checker script, or the Exchange On-premises Mitigation Tool (EOMT) for disconnected or air-gapped environments. Microsoft noted that the mitigations can disrupt features such as OWA Print Calendar and Inline images, and that servers older than March 2023 cannot receive new mitigations through EM Service.

Open Happening

CISA KEV order for Copy Fail on federal Linux devices

Public Sector Action
First: 08.05.2026 10:45 Last: 08.05.2026 10:45 Sources 1

About this happening: **CISA** added **Copy Fail** to the **Known Exploited Vulnerabilities (KEV) Catalog**, making the Linux flaw a federal remediation priority. The agency ordered **federal agencies*...

Open Happening

CISA KEV listing and FCEB firewall directive for CVE-2026-0300

Public Sector Action
First: 07.05.2026 13:57 Last: 07.05.2026 13:57 Sources 1

About this happening: **CISA** added **CVE-2026-0300** to the **KEV Catalog** and ordered **FCEB agencies** to secure vulnerable firewalls by **May 9, 2026**. The federal directive makes the exploited...

Open Happening

Apache HTTP Server mod_http2 double free and possible RCE (CVE-2026-23918)

Vulnerability
First: 05.05.2026 19:19 Last: 05.05.2026 19:19 Sources 1

About this happening: **Apache HTTP Server 2.4.66**'s **mod_http2** now has a fixed **double free** vulnerability, **CVE-2026-23918**, that can cause **DoS** and possible **remote code execution**. Apa...

Open Happening

Timeline

  1. 21.04.2026 14:17 1 articles · 1mo ago

    Apache ActiveMQ patch release for CVE-2026-34197

    Mitigation Patch Update

    Apache maintainers patched CVE-2026-34197 on March 30 in ActiveMQ Classic versions 6.2.3 and 5.19.4, addressing an improper input validation weakness that can let authenticated threat actors execute arbitrary code on unpatched systems.

    Show sources
    Open in new tab
  2. 21.04.2026 14:17 2 articles · 1mo ago

    CISA mitigation order for actively exploited Apache ActiveMQ

    Legal Policy Action Update

    CISA warned that the Apache ActiveMQ vulnerability CVE-2026-34197 is actively exploited in attacks and ordered Federal Civilian Executive Branch agencies to secure their servers by April 30, with vendor mitigations or BOD 22-01 guidance required when available.

    Show sources
    Open in new tab