Medium severity4.3NVD Advisory· Published Jun 1, 2026· Updated Jun 1, 2026
CVE-2026-46605
CVE-2026-46605
Description
Incomplete authorization by Apache ActiveMQ server before versions v6.2.6 and v5.19.7 allows authenticated connections to remove existing destinations with proper permissions.
This issue affects Apache ActiveMQ Broker: before 5.19.7, from 6.0.0 before 6.2.6; Apache ActiveMQ All: before 5.19.7, from 6.0.0 before 6.2.6; Apache ActiveMQ: before 5.19.7, from 6.0.0 before 6.2.6.
Users are recommended to upgrade to version v6.2.6 or v5.19.7, which fixes the issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4Patches
Vulnerability mechanics
References
2- www.openwall.com/lists/oss-security/2026/05/31/20nvdMailing ListThird Party Advisory
- lists.apache.org/thread/l4lxgr2s73g9pb218f180psfyskf8ldmnvdMailing ListVendor Advisory
News mentions
0No linked articles in our index yet.