
Apache ActiveMQ EUVD-2026-40277

CVE-2026-53917 HIGH
Memory Allocation with Excessive Size Value (CWE-789)
7.5
CVSS 3.1 · Vendor

Severity by source

Vendor (CNA), primary: 7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
vuln.today AI: 6.5 MEDIUM

Network-reachable OpenWire with low complexity, but the description requires an authenticated user so PR:L; impact is availability-only (A:H) with no confidentiality or integrity effect.

CVSS 3.1: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS 4.0: AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (CNA).

CVSS Vector (Vendor)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Lifecycle Timeline (6 events)

Analysis Updated, Jun 30, 2026 15:32, vuln.today: v3 (cvss_changed)
Analysis Updated, Jun 30, 2026 15:31, vuln.today: v2 (cvss_changed)
Re-analysis Queued, Jun 30, 2026 15:22, vuln.today: cvss_changed
CVSS changed, Jun 30, 2026 15:22, NVD: 7.5 (HIGH)
Patch available, Jun 30, 2026 12:01, EUVD
Analysis Generated, Jun 29, 2026 22:16, vuln.today

Description (pre-NVD)

Disclosed via oss-security. NVD scoring and full description are pending.

Analysis (AI)

Denial of service in Apache ActiveMQ (versions before 5.19.8, and 6.0.0 before 6.2.7) lets an authenticated user crash the broker by sending a crafted OpenWire message whose property map declares an excessively large encoded size. Because the map is unmarshaled without validating the declared size against actual payload bounds, the broker pre-allocates massive memory and hits an OutOfMemory condition. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access: Connect to broker OpenWire port
Delivery: Authenticate as valid user
Exploit: Craft message with oversized map size
Execution: Broker allocates excessive memory
Impact: JVM OutOfMemory crash and DoS

Vulnerability Assessment (AI)

Exploitation: Exploitation requires the broker to expose the OpenWire transport (the default ActiveMQ connector, typically TCP 61616) and the ability to send a single OpenWire message containing a property map with a forged large encoded size value that is unmarshaled without bounds checking. … Additional conditions and limiting factors are described in the full assessment.

Risk Assessment: The CVSS 3.1 score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) reflects a pure availability impact reachable over the network with low complexity, no UI, and - per the vector - no privileges. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.

Exploit Scenario: An attacker with a valid OpenWire connection to the broker (or, if the PR:N vector holds, any network client) crafts a single message whose property-map header declares a huge encoded size. When the broker unmarshals the map it pre-allocates memory to match the bogus size, exhausts the JVM heap, and the broker process throws OutOfMemoryError and crashes - taking down messaging for all connected applications. …

Remediation: Vendor-released patch: upgrade to 6.2.7 (for the 6.x line) or 5.19.8 (for the 5.x line), which add size validation during OpenWire map unmarshaling; this is the primary and recommended fix per the Apache advisory (https://activemq.apache.org/ and https://lists.apache.org/thread/grrd1mwgkgblqjbwkkq6dvmdxd9ov2dx). … Detailed patch versions, workarounds, and compensating controls in full report.
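To make the unmarshaling flaw described in the analysis and assessment concrete, the following added example (written for this page; it is not vuln.today's, ActiveMQ's, or the patch's code) decodes a length-prefixed property map in a constructed wire format and applies the kind of check the fix is described as adding: the declared entry count is validated against a cap and against the bytes actually present before anything is sized from it. The format, the function names, and the MAX_MAP_ENTRIES cap are assumptions.

```python
import struct
# Constructed wire format for this example (not ActiveMQ's real OpenWire encoding):
# int32 entry count, then per entry a uint16-prefixed UTF-8 key and an int32 value.
MAX_MAP_ENTRIES = 1024   # assumed per-message cap on property-map entries (hypothetical)
MIN_ENTRY_BYTES = 2 + 4  # smallest legal entry: empty key + int32 value

def marshal_map(entries: dict) -> bytes:
    """Encode a property map in the constructed format above."""
    out = struct.pack(">i", len(entries))
    for key, value in entries.items():
        kb = key.encode("utf-8")
        out += struct.pack(">H", len(kb)) + kb + struct.pack(">i", value)
    return out

def rewrite_declared_count(payload: bytes, count: int) -> bytes:
    """Malformed test vector for the bounds check: same body, different header count."""
    return struct.pack(">i", count) + payload[4:]

def unmarshal_map(payload: bytes) -> dict:
    """Decode a property map, validating the declared count before sizing anything from it."""
    if len(payload) < 4:
        raise ValueError("truncated header")
    (count,) = struct.unpack(">i", payload[:4])
    if count < 0 or count > MAX_MAP_ENTRIES:
        raise ValueError(f"declared entry count {count} outside [0, {MAX_MAP_ENTRIES}]")
    remaining = len(payload) - 4
    # Even a count under the cap must be backed by bytes on the wire; refuse before allocating.
    if count * MIN_ENTRY_BYTES > remaining:
        raise ValueError(f"declared {count} entries but only {remaining} bytes follow")
    result, pos = {}, 4
    for _ in range(count):
        if pos + 2 > len(payload):
            raise ValueError("truncated key length")
        (klen,) = struct.unpack(">H", payload[pos:pos + 2])
        pos += 2
        if pos + klen + 4 > len(payload):
            raise ValueError("truncated entry")
        key = payload[pos:pos + klen].decode("utf-8")
        pos += klen
        result[key] = struct.unpack(">i", payload[pos:pos + 4])[0]
        pos += 4
    if pos != len(payload):
        raise ValueError("trailing bytes after last entry")
    return result

def is_rejected(payload: bytes) -> bool:
    try:
        unmarshal_map(payload)
    except ValueError:
        return True
    return False
```

The same pre-allocation check generalizes to any length-prefixed container: compare the declared count against the remaining payload divided by the smallest legal element size, and reject before the container is created.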

Recommended Action (AI)

Within 24 hours: Identify all Apache ActiveMQ deployments and document current versions running in your environment. …



EUVD-2026-40277 vulnerability details – vuln.today
