{"api_version":"1","generated_at":"2026-07-01T03:01:40+00:00","cve":"CVE-2026-49434","urls":{"html":"https://cve.report/CVE-2026-49434","api":"https://cve.report/api/cve/CVE-2026-49434.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-49434","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-49434"},"summary":{"title":"Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: LdapNetworkConnector instantiates denied transports and a remote-properties broker","description":"Improper Input Validation vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All.\n\nAn attacker that has access to publish or modify entries in LDAP that match the configured searchBase and searchFilter can instantiate denied transports inside the broker JVM. This can be used to fetch an attacker URL and spawn a second BrokerService inside the same JVM.\nThis issue affects Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7.\n\n\nUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.","state":"PUBLISHED","assigner":"apache","published_at":"2026-06-30 11:16:29","updated_at":"2026-06-30 14:10:09"},"problem_types":["CWE-20","CWE-20 CWE-20 Improper Input Validation"],"metrics":[{"version":"3.1","source":"ADP","type":"DECLARED","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","version":"3.1"}},{"version":"3.1","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"}}],"references":[{"url":"http://www.openwall.com/lists/oss-security/2026/06/29/8","name":"http://www.openwall.com/lists/oss-security/2026/06/29/8","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://lists.apache.org/thread/hcjh7kdk4l85tb9ksmvcnkhso1ngj50o","name":"https://lists.apache.org/thread/hcjh7kdk4l85tb9ksmvcnkhso1ngj50o","refsource":"security@apache.org","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-49434","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-49434","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Apache Software Foundation","product":"Apache ActiveMQ Broker","version":"affected 5.19.8 semver","platforms":[]},{"source":"CNA","vendor":"Apache Software Foundation","product":"Apache ActiveMQ Broker","version":"affected 6.0.0 6.2.7 semver","platforms":[]},{"source":"CNA","vendor":"Apache Software Foundation","product":"Apache ActiveMQ","version":"affected 5.19.8 semver","platforms":[]},{"source":"CNA","vendor":"Apache Software Foundation","product":"Apache ActiveMQ","version":"affected 6.0.0 6.2.7 semver","platforms":[]},{"source":"CNA","vendor":"Apache Software Foundation","product":"Apache ActiveMQ All","version":"affected 5.19.8 semver","platforms":[]},{"source":"CNA","vendor":"Apache Software Foundation","product":"Apache ActiveMQ All","version":"affected 6.0.0 6.2.7 semver","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"CNA","value":"@Add Content","lang":"en"}],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2026-06-30T11:06:07.246Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"url":"http://www.openwall.com/lists/oss-security/2026/06/29/8"}],"title":"CVE Program Container"},{"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","version":"3.1"}},{"other":{"content":{"id":"CVE-2026-49434","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2026-06-30T12:27:23.416553Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-06-30T12:27:49.847Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"collectionURL":"https://repo.maven.apache.org/maven2","defaultStatus":"unaffected","packageName":"org.apache.activemq:activemq-broker","product":"Apache ActiveMQ Broker","vendor":"Apache Software Foundation","versions":[{"lessThan":"5.19.8","status":"affected","version":"0","versionType":"semver"},{"lessThan":"6.2.7","status":"affected","version":"6.0.0","versionType":"semver"}]},{"collectionURL":"https://repo.maven.apache.org/maven2","defaultStatus":"unaffected","packageName":"org.apache.activemq:apache-activemq","product":"Apache ActiveMQ","vendor":"Apache Software Foundation","versions":[{"lessThan":"5.19.8","status":"affected","version":"0","versionType":"semver"},{"lessThan":"6.2.7","status":"affected","version":"6.0.0","versionType":"semver"}]},{"collectionURL":"https://repo.maven.apache.org/maven2","defaultStatus":"unaffected","packageName":"org.apache.activemq:activemq-all","product":"Apache ActiveMQ All","vendor":"Apache Software Foundation","versions":[{"lessThan":"5.19.8","status":"affected","version":"0","versionType":"semver"},{"lessThan":"6.2.7","status":"affected","version":"6.0.0","versionType":"semver"}]}],"credits":[{"lang":"en","type":"finder","value":"@Add Content"}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>Improper Input Validation vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All.</p><span style=\"background-color: rgb(255, 255, 255);\">An attacker that has access to publish or modify entries in LDAP that match the configured </span><span style=\"background-color: rgb(255, 255, 255);\">searchBase and searchFilter can instantiate denied transports inside the broker JVM. This can be used to <span style=\"background-color: rgb(255, 255, 255);\">fetch an attacker URL and spawn a </span><span style=\"background-color: rgb(255, 255, 255);\">second BrokerService inside the same JVM.</span></span><br><p>This issue affects Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7.<br></p><p>Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.</p><p></p>"}],"value":"Improper Input Validation vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All.\n\nAn attacker that has access to publish or modify entries in LDAP that match the configured searchBase and searchFilter can instantiate denied transports inside the broker JVM. This can be used to fetch an attacker URL and spawn a second BrokerService inside the same JVM.\nThis issue affects Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7.\n\n\nUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue."}],"metrics":[{"other":{"content":{"text":"moderate"},"type":"Textual description of severity"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-20","description":"CWE-20 Improper Input Validation","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-06-30T09:55:29.533Z","orgId":"f0158376-9dc2-43b6-827c-5f631a4d8d09","shortName":"apache"},"references":[{"tags":["vendor-advisory"],"url":"https://lists.apache.org/thread/hcjh7kdk4l85tb9ksmvcnkhso1ngj50o"}],"source":{"discovery":"UNKNOWN"},"title":"Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: LdapNetworkConnector instantiates denied transports and a remote-properties broker","x_generator":{"engine":"Vulnogram 0.2.0"}}},"cveMetadata":{"assignerOrgId":"f0158376-9dc2-43b6-827c-5f631a4d8d09","assignerShortName":"apache","cveId":"CVE-2026-49434","datePublished":"2026-06-30T09:55:29.533Z","dateReserved":"2026-05-29T20:48:53.860Z","dateUpdated":"2026-06-30T12:27:49.847Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-06-30 11:16:29","lastModifiedDate":"2026-06-30 14:10:09","problem_types":["CWE-20","CWE-20 CWE-20 Improper Input Validation"],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-30T12:27:23.416553Z","id":"CVE-2026-49434","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"49434","Ordinal":"1","Title":"Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Ld","CVE":"CVE-2026-49434","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"49434","Ordinal":"1","NoteData":"Improper Input Validation vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All.\n\nAn attacker that has access to publish or modify entries in LDAP that match the configured searchBase and searchFilter can instantiate denied transports inside the broker JVM. This can be used to fetch an attacker URL and spawn a second BrokerService inside the same JVM.\nThis issue affects Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7.\n\n\nUsers are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.","Type":"Description","Title":"Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Ld"}]}}}