CVE-2026-46605

Published: Giu 01, 2026 Last Modified: Giu 01, 2026
ExploitDB:
Other exploit source:
Google Dorks:

Description

AI Translation Available

Incomplete authorization by Apache ActiveMQ server before versions v6.2.6 and v5.19.7 allows authenticated connections to remove existing destinations with proper permissions.

This issue affects Apache ActiveMQ Broker: before 5.19.7, from 6.0.0 before 6.2.6; Apache ActiveMQ All: before 5.19.7, from 6.0.0 before 6.2.6; Apache ActiveMQ: before 5.19.7, from 6.0.0 before 6.2.6.

Users are recommended to upgrade to version v6.2.6 or v5.19.7, which fixes the issue.

285

Improper Authorization

Draft
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Confidentiality Integrity Access Control
Potential Impacts:
Read Application Data Read Files Or Directories Modify Application Data Modify Files Or Directories Gain Privileges Or Assume Identity Execute Unauthorized Code Or Commands
Applicable Platforms
Technologies: Not Technology-Specific, Web Server, Database Server
Likelihood of Exploit: High
View CWE Details
http://www.openwall.com/lists/oss-security/2026/05/31/20
http://www.openwall.com/lists/oss-security/2026/05/31/20
https://lists.apache.org/thread/l4lxgr2s73g9pb218f180psfysk…
https://lists.apache.org/thread/l4lxgr2s73g9pb218f180psfyskf8ldm