CVE-2026-54475

HIGH

Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Temporary destination ownership takeover

Title source: cna
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-54475. PoCs published by HermesNA-1.

AI-analyzed exploit summary This repository contains an auto-generated stub module for CVE-2026-54475, a missing authorization vulnerability in Apache ActiveMQ Classic. The code includes placeholder methods (`check` and `run`) with no actual exploit logic, only references to external advisories for further details.

Description

Missing Authorization vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic temporary destinations are expected to be isolated to the connection that created them. The isolation can be broken as this is only checked in the client, allowing a different connection to consume from another connection's temporary destination. This issue affects Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7, which fixes the issue.

Exploits (1)

github STUB 1 stars
by HermesNA-1 · pythonpoc
https://github.com/HermesNA-1/SnakeSploit/tree/main/data/modules_generated/cve-2026-54475_missing_authorization_vulnerability.py

This repository contains an auto-generated stub module for CVE-2026-54475, a missing authorization vulnerability in Apache ActiveMQ Classic. The code includes placeholder methods (`check` and `run`) with no actual exploit logic, only references to external advisories for further details.

Classification
Stub 99%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Theoretical
Target: Apache ActiveMQ Classic (temporary destinations feature)
No auth needed
Prerequisites: Network access to the ActiveMQ broker (default port 61616 or HTTP/HTTPS ports) · Target must be running a vulnerable version of Apache ActiveMQ Classic
mistral-large-3 · analyzed Jul 09, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 7.5
EPSS 0.0059
EPSS Percentile 44.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-862
Status published
Products (8)
apache/activemq < 5.19.8
apache/activemq_broker < 5.19.8
Apache Software Foundation/Apache ActiveMQ < 5.19.8
Apache Software Foundation/Apache ActiveMQ 6.0.0 - 6.2.7
Apache Software Foundation/Apache ActiveMQ All < 5.19.8
Apache Software Foundation/Apache ActiveMQ All 6.0.0 - 6.2.7
Apache Software Foundation/Apache ActiveMQ Broker < 5.19.8
Apache Software Foundation/Apache ActiveMQ Broker 6.0.0 - 6.2.7
Published Jun 30, 2026
Tracked Since Jun 30, 2026