VYPR

Artemis

by Apache

Source repositories

CVEs (5)

  • CVE-2026-27446CriMar 4, 2026
    risk 0.64cvss 9.8epss 0.11

    Missing Authentication for Critical Function (CWE-306) vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled…

  • CVE-2020-10727MedJun 26, 2020
    risk 0.36cvss 5.5epss 0.01

    A flaw was found in ActiveMQ Artemis management API from version 2.7.0 up until 2.12.0, where a user inadvertently stores passwords in plaintext in the Artemis shadow file (etc/artemis-users.properties file) when executing the `resetUsers` operation. A local attacker can use…

  • CVE-2026-40914MedMay 28, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability exists in Apache Artemis whereby an application using the STOMP protocol with security credentials that grant either the consume or send permission on an address can augment the routing-type supported by that address even if said user doesn't have the…

  • CVE-2026-32642MedMar 24, 2026
    risk 0.28cvss 4.3epss 0.00

    Incorrect Authorization (CWE-863) vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an application using the OpenWire protocol attempts to create a non-durable JMS topic subscription on an address that doesn't exist with an authenticated user which has the…

  • CVE-2026-4649Mar 24, 2026
    risk 0.00cvss epss 0.00

    Apache Artemis before version 2.52.0 is affected by an authentication bypass flaw which allows reading all messages exchanged via the broker and injection of new message ( CVE-2026-27446 https://www.cve.org/CVERecord ). Since KNIME Business Hub uses Apache Artemis it is also…