Csoonline
Critical RabbitMQ Vulnerabilities Enable Broker Takeover via OAuth Secrets
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Miggo Security discovered two critical vulnerabilities in RabbitMQ, a widely used open-source message broker. The flaws, CVE-2026-57219 and CVE-2026-57221, were present since early 2024 and allow unauthenticated attackers to access OAuth client secrets and authenticated users to enumerate queues and exchanges. CVE-2026-57219, with a CVSS score of 8.7, exposes the OAuth client secret through an obsolete management endpoint, enabling full broker takeover. CVE-2026-57221, with a CVSS score of 5.3, allows low-privileged users to view sensitive metadata. Both vulnerabilities affect RabbitMQ versions from 3.13.0 onward and have been patched in the latest releases. Organizations are advised to apply patches immediately and rotate any exposed OAuth secrets.
Key Points: • Two critical vulnerabilities in RabbitMQ allow unauthorized access to OAuth secrets. • CVE-2026-57219 can lead to complete broker takeover with a CVSS score of 8.7. • Organizations must patch affected RabbitMQ versions and rotate OAuth secrets to mitigate risks.