"CVE-2026-34197 is related to the Jolokia API and can allow an authenticated attacker to execute arbitrary code. Many Apache ActiveMQ instances are protected by widely-known default credentials."
"CVE-2026-34197 can be chained with an older vulnerability tracked as CVE-2024-32114 to achieve unauthenticated remote code execution."
"The cybersecurity agency CISA added CVE-2026-34197 to its Known Exploited Vulnerabilities (KEV) catalog on Thursday, instructing federal agencies to patch it by April 30."
"Fortinet has seen dozens of exploitation attempts in the past week, indicating active exploitation of the vulnerability."
CVE-2026-34197, a vulnerability in Apache ActiveMQ Classic, has been exploited in the wild after remaining undetected for 13 years. It allows authenticated attackers to execute arbitrary code via the Jolokia API. Many instances are vulnerable due to default credentials. The vulnerability can also be combined with CVE-2024-32114 for unauthenticated remote code execution. The cybersecurity agency CISA has added it to its Known Exploited Vulnerabilities catalog, urging federal agencies to patch by April 30. Fortinet has reported numerous exploitation attempts recently.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]