Over 6,400 Apache ActiveMQ servers exposed online are vulnerable to active exploitation of CVE-2026-34197, a high-severity code injection flaw that allows authenticated attackers to execute arbitrary code. The vulnerability, discovered by Horizon3 researcher Naveen Sunkavally using Claude AI, went undetected for 13 years before being patched on March 30 in ActiveMQ Classic versions 6.2.3 and 5.19.4. CISA has flagged it as actively exploited and ordered federal agencies to patch by April 30. Admins are advised to check broker logs for suspicious VM transport protocol connections and treat remediation as high priority.
Table of contents
Related Articles:Sort: