threat
engine
.sh
Back
·
··:··
Home
/
Product
/
apache activemq artemis
Product
apache activemq artemis
14 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2026-32642
>= 2.0.0 and <= 2.44.0
Incorrect Authorization (CWE-863) vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an application using the O
4.3
MEDIUM
CVE-2026-27446
>= 2.11.0 and <= 2.44.0
Missing Authentication for Critical Function (CWE-306) vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticate
9.8
CRITICAL
CVE-2025-27391
>= 1.5.1 and < 2.40.0
Insertion of Sensitive Information into Log File vulnerability in Apache ActiveMQ Artemis. All the values of the broker properties
6.5
MEDIUM
CVE-2025-27427
>= 2.0.0 and < 2.40.0
A vulnerability exists in Apache ActiveMQ Artemis whereby a user with the createDurableQueue or createNonDurableQueue permission o
4.3
MEDIUM
CVE-2023-50780
< 2.29.0
Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the au
8.8
HIGH
CVE-2021-4040
< 2.19.1
A flaw was found in AMQ Broker. This issue can cause a partial interruption to the availability of AMQ Broker via an Out of memory
5.3
MEDIUM
CVE-2022-35278
< 2.24.0
In Apache ActiveMQ Artemis prior to 2.24.0, an attacker could show malicious content and/or redirect users to a malicious URL in t
6.1
MEDIUM
CVE-2022-23913
< 2.19.1
In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled
7.5
HIGH
CVE-2021-26118
all versions
While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache Activ
7.5
HIGH
CVE-2021-26117
< 2.16.0
The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. In this case, for Apache Act
7.5
HIGH
CVE-2020-13932
>= 2.5.0 and <= 2.13.0
In Apache ActiveMQ Artemis 2.5.0 to 2.13.0, a specially crafted MQTT packet which has an XSS payload as client-id or topic name ca
6.1
MEDIUM
CVE-2020-10727
>= 2.7.0 and <= 2.12.0
A flaw was found in ActiveMQ Artemis management API from version 2.7.0 up until 2.12.0, where a user inadvertently stores password
5.5
MEDIUM
CVE-2017-12174
< 2.4.0
It was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and JGroups discovery a huge byte array
7.5
HIGH
CVE-2016-4978
< 1.4.0
The getObject method of the javax.jms.ObjectMessage class in the (1) JMS Core client, (2) Artemis broker, and (3) Artemis REST com
7.2
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin