Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.apache.activemq/apache-activemq@6.0.0

Type maven

Namespace org.apache.activemq

Name apache-activemq

Version 6.0.0

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url VCID-4geh-ywa3-zuez

vulnerability_id VCID-4geh-ywa3-zuez

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40046.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40046.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-40046

reference_id

reference_type

scores

value	0.00054
scoring_system	epss
scoring_elements	0.17222
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-40046

reference_url

https://lists.apache.org/thread/zdntj5rcgjjzrpow84o339lzldy68zrg

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T19:39:38Z/

url

https://lists.apache.org/thread/zdntj5rcgjjzrpow84o339lzldy68zrg

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-40046

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-40046

reference_url

https://www.cve.org/CVERecord?id=CVE-2025-66168

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T19:39:38Z/

url

https://www.cve.org/CVERecord?id=CVE-2025-66168

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2456950
reference_id	2456950
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2456950

reference_url

https://activemq.apache.org/security-advisories.data/CVE-2026-40046-announcement.txt

reference_id

CVE-2026-40046-ANNOUNCEMENT.TXT

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T19:39:38Z/

url

https://activemq.apache.org/security-advisories.data/CVE-2026-40046-announcement.txt

reference_url

https://github.com/advisories/GHSA-xvqc-pp94-fmpx

reference_id

GHSA-xvqc-pp94-fmpx

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-xvqc-pp94-fmpx

fixed_packages

url	pkg:maven/org.apache.activemq/apache-activemq@6.2.4
purl	pkg:maven/org.apache.activemq/apache-activemq@6.2.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/apache-activemq@6.2.4

aliases CVE-2026-40046, GHSA-xvqc-pp94-fmpx

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4geh-ywa3-zuez

url VCID-5hy6-qnne-g7f7

vulnerability_id VCID-5hy6-qnne-g7f7

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32114.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32114.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-32114

reference_id

reference_type

scores

value	0.67981
scoring_system	epss
scoring_elements	0.98611
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-32114

reference_url

https://github.com/apache/activemq

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq

reference_url

https://github.com/apache/activemq/commit/43cc596219b6a8c8b5a54fbda3fb68cb4424f2d0

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/43cc596219b6a8c8b5a54fbda3fb68cb4424f2d0

reference_url

https://github.com/apache/activemq/pull/1201

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/pull/1201

reference_url

https://issues.apache.org/jira/browse/AMQ-9477

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/AMQ-9477

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2278791
reference_id	2278791
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2278791

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-32114

reference_id

CVE-2024-32114

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-32114

reference_url

https://activemq.apache.org/security-advisories.data/CVE-2024-32114-announcement.txt

reference_id

CVE-2024-32114-ANNOUNCEMENT.TXT

reference_type

scores

value	8.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:H

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-02T17:11:27Z/

url

https://activemq.apache.org/security-advisories.data/CVE-2024-32114-announcement.txt

reference_url

https://github.com/advisories/GHSA-gj5m-m88j-v7c3

reference_id

GHSA-gj5m-m88j-v7c3

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-gj5m-m88j-v7c3

fixed_packages

url pkg:maven/org.apache.activemq/apache-activemq@6.1.2

purl pkg:maven/org.apache.activemq/apache-activemq@6.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4geh-ywa3-zuez

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/apache-activemq@6.1.2

aliases CVE-2024-32114, GHSA-gj5m-m88j-v7c3

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5hy6-qnne-g7f7

url VCID-8e3u-5z6g-8khh

vulnerability_id VCID-8e3u-5z6g-8khh

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40466.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40466.json

reference_url

https://activemq.apache.org/security-advisories.data/CVE-2026-34197-announcement.txt

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-27T13:37:05Z/

url

https://activemq.apache.org/security-advisories.data/CVE-2026-34197-announcement.txt

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-40466

reference_id

reference_type

scores

value	0.18014
scoring_system	epss
scoring_elements	0.9528
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-40466

reference_url

https://github.com/apache/activemq

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-40466

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-40466

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136024
reference_id	1136024
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136024

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2461410
reference_id	2461410
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2461410

reference_url

https://github.com/advisories/GHSA-w3w2-mpp5-92gm

reference_id

GHSA-w3w2-mpp5-92gm

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-w3w2-mpp5-92gm

fixed_packages

url	pkg:maven/org.apache.activemq/apache-activemq@6.2.5
purl	pkg:maven/org.apache.activemq/apache-activemq@6.2.5
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/apache-activemq@6.2.5

aliases CVE-2026-40466, GHSA-w3w2-mpp5-92gm

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8e3u-5z6g-8khh

url VCID-edne-2a74-f3df

vulnerability_id VCID-edne-2a74-f3df

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-39304.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-39304.json

reference_url

https://activemq.apache.org/security-advisories.data/CVE-2026-39304-announcement.txt

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T14:10:10Z/

url

https://activemq.apache.org/security-advisories.data/CVE-2026-39304-announcement.txt

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-39304

reference_id

reference_type

scores

value	0.00076
scoring_system	epss
scoring_elements	0.22938
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-39304

reference_url

https://github.com/apache/activemq

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-39304

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-39304

reference_url

http://www.openwall.com/lists/oss-security/2026/04/09/17

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2026/04/09/17

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136024
reference_id	1136024
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136024

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2457275
reference_id	2457275
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2457275

reference_url

https://github.com/advisories/GHSA-5568-6qcg-g7fx

reference_id

GHSA-5568-6qcg-g7fx

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-5568-6qcg-g7fx

fixed_packages

url	pkg:maven/org.apache.activemq/apache-activemq@6.2.4
purl	pkg:maven/org.apache.activemq/apache-activemq@6.2.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/apache-activemq@6.2.4

aliases CVE-2026-39304, GHSA-5568-6qcg-g7fx

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-edne-2a74-f3df

url VCID-kemy-3jwv-ekhr

vulnerability_id VCID-kemy-3jwv-ekhr

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41044.json

reference_id

reference_type

scores

value	7.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41044.json

reference_url

https://activemq.apache.org/security-advisories.data/CVE-2026-41044-announcement.txt

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-24T18:22:17Z/

url

https://activemq.apache.org/security-advisories.data/CVE-2026-41044-announcement.txt

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-41044

reference_id

reference_type

scores

value	0.00073
scoring_system	epss
scoring_elements	0.2227
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-41044

reference_url

https://github.com/apache/activemq

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-41044

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-41044

reference_url

http://www.openwall.com/lists/oss-security/2026/04/23/6

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2026/04/23/6

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136024
reference_id	1136024
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136024

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2461409
reference_id	2461409
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2461409

reference_url

https://github.com/advisories/GHSA-mr6m-xj7v-3cv3

reference_id

GHSA-mr6m-xj7v-3cv3

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-mr6m-xj7v-3cv3

fixed_packages

url	pkg:maven/org.apache.activemq/apache-activemq@6.2.5
purl	pkg:maven/org.apache.activemq/apache-activemq@6.2.5
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/apache-activemq@6.2.5

aliases CVE-2026-41044, GHSA-mr6m-xj7v-3cv3

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kemy-3jwv-ekhr

url VCID-ny22-j17a-sban

vulnerability_id VCID-ny22-j17a-sban

summary

Apache ActiveMQ is Vulnerable to Integer Overflow or Wraparound
Apache ActiveMQ does not properly validate the remaining length field which may lead to an overflow during the decoding of malformed packets. When this integer overflow occurs, ActiveMQ may incorrectly compute the total Remaining Length and subsequently misinterpret the payload as multiple MQTT control packets which makes the broker susceptible to unexpected behavior when interacting with non-compliant clients. This behavior violates the MQTT v3.1.1 specification, which restricts Remaining Length to a maximum of 4 bytes. The scenario occurs on established connections after the authentication process. Brokers that are not enabling mqtt transport connectors are not impacted.

This issue affects Apache ActiveMQ: before 5.19.2, 6.0.0 to 6.1.8, and 6.2.0

Users are recommended to upgrade to version 5.19.2, 6.1.9, or 6.2.1, which fixes the issue.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66168.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66168.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-66168

reference_id

reference_type

scores

value	0.00076
scoring_system	epss
scoring_elements	0.22799
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-66168

reference_url

https://github.com/apache/activemq

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq

reference_url

https://lists.apache.org/thread/13n8mkrb2jf2y6yyhpgrkmpqcm7djyto

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-04T20:27:42Z/

url

https://lists.apache.org/thread/13n8mkrb2jf2y6yyhpgrkmpqcm7djyto

reference_url

https://www.cve.org/CVERecord?id=CVE-2026-40046

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-04T20:27:42Z/

url

https://www.cve.org/CVERecord?id=CVE-2026-40046

reference_url

http://www.openwall.com/lists/oss-security/2026/03/03/5

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2026/03/03/5

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2444356
reference_id	2444356
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2444356

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-66168

reference_id

CVE-2025-66168

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-66168

reference_url

https://activemq.apache.org/security-advisories.data/CVE-2026-40046-announcement.txt

reference_id

CVE-2026-40046-ANNOUNCEMENT.TXT

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-04T20:27:42Z/

url

https://activemq.apache.org/security-advisories.data/CVE-2026-40046-announcement.txt

reference_url

https://github.com/advisories/GHSA-c825-6ph3-4h84

reference_id

GHSA-c825-6ph3-4h84

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-c825-6ph3-4h84

fixed_packages

url	pkg:maven/org.apache.activemq/apache-activemq@6.1.9
purl	pkg:maven/org.apache.activemq/apache-activemq@6.1.9
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/apache-activemq@6.1.9

url pkg:maven/org.apache.activemq/apache-activemq@6.2.1

purl pkg:maven/org.apache.activemq/apache-activemq@6.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4geh-ywa3-zuez

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/apache-activemq@6.2.1

aliases CVE-2025-66168, GHSA-c825-6ph3-4h84

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ny22-j17a-sban

url VCID-zare-arub-n3h4

vulnerability_id VCID-zare-arub-n3h4

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41043.json

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41043.json

reference_url

https://activemq.apache.org/security-advisories.data/CVE-2026-41043-announcement.txt

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-24T18:05:08Z/

url

https://activemq.apache.org/security-advisories.data/CVE-2026-41043-announcement.txt

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-41043

reference_id

reference_type

scores

value	0.00241
scoring_system	epss
scoring_elements	0.47543
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-41043

reference_url

https://github.com/apache/activemq

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-41043

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-41043

reference_url

http://www.openwall.com/lists/oss-security/2026/04/23/5

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2026/04/23/5

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136024
reference_id	1136024
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136024

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2461407
reference_id	2461407
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2461407

reference_url

https://github.com/advisories/GHSA-2jp3-2923-9h52

reference_id

GHSA-2jp3-2923-9h52

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-2jp3-2923-9h52

fixed_packages

url	pkg:maven/org.apache.activemq/apache-activemq@6.2.5
purl	pkg:maven/org.apache.activemq/apache-activemq@6.2.5
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/apache-activemq@6.2.5

aliases CVE-2026-41043, GHSA-2jp3-2923-9h52

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zare-arub-n3h4

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/apache-activemq@6.0.0

Package Instance