Critical RCE Vulnerability CVE-2026-34197 Discovered in Apache ActiveMQ Classic

Critical RCE Vulnerability CVE-2026-34197 Discovered in Apache ActiveMQ Classic

First seen 7 Apr 2026, 23:59 UTC Horizon3.AiCybersecuritynewsGbhackersInfosecurity-MagazineBleepingcomputer+17 85% similarity 74.0

Article Content

Browse articles
ThreatCluster

A critical remote code execution (RCE) vulnerability, tracked as CVE-2026-34197, has been identified in Apache ActiveMQ Classic, affecting versions prior to 5.19.4 and 6.0.0 to 6.2.3. This flaw, which has remained undetected for 13 years, allows authenticated attackers to exploit the Jolokia API to execute arbitrary code by supplying a crafted URI. In certain versions, where another vulnerability (CVE-2024-32114) exposes the Jolokia API without authentication, this RCE can be executed without credentials. The vulnerability is particularly dangerous due to its potential for full host compromise once access to the web console is gained. Patches have been released in versions 5.19.4 and 6.2.3 to mitigate this risk. The discovery was made by Horizon3.ai, highlighting a significant security concern for organizations using ActiveMQ. ActiveMQ is widely used across various sectors, including finance and healthcare, making this vulnerability a high priority for remediation.

Key Points: • CVE-2026-34197 allows RCE via the Jolokia API in Apache ActiveMQ Classic. • Exploitation can occur without credentials in certain vulnerable versions. • Patches are available in ActiveMQ versions 5.19.4 and 6.2.3.

ThreatCluster AI

Timeline

2016-06-01
CVE-2016-3088 published
2023-10-27
CVE-2023-46604 published
2023-11-28
CVE-2022-41678 published
2024-05-02
CVE-2024-32114 published
2026-04-07
CVE-2026-34197 published
2026-04-07
Patches released for CVE-2026-34197

Community

Browse all →