CVE-2026-49157 | Apache ActiveMQ up to 5.19.6/6.2.5 Jolokia broker-management privilege escalation

Inserito da Angelo Barbosa | Giu 1, 2026 | CVE

A vulnerability was found in Apache ActiveMQ up to 5.19.6/6.2.5. It has been classified as problematic. This affects an unknown function of the component Jolokia broker-management. Performing a manipulation results in privilege escalation.

This vulnerability is reported as CVE-2026-49157. The attacker must have access to the local network to execute the attack. No exploit exists.

Upgrading the affected component is recommended.

CVE-2026-49157 | Apache ActiveMQ up to 5.19.6/6.2.5 Jolokia broker-management privilege escalation

Post correlati

CVE-2024-38479 | Apache Traffic Server up to 9.2.5 Cache Key Plugin

CVE-2026-44884 | portainer Community Edition up to 2.33.7/2.39.0 Custom Template File Endpoint file authorization (GHSA-cqpq-2fgr-8mvc)

CVE-2024-39410 | Adobe Commerce/Magento Open Source up to 2.4.4-p9/2.4.5-p8/2.4.6-p6/2.4.7-p1 cross-site request forgery (apsb24-61)

CVE-2025-59049 | mockoon up to 9.1.x file inclusion