Skip to content
Threat Feed

CPE

Cpe:2.3:a:broadcom:rabbitmq_server:*:*:*:*:*:*:*:*

4 briefs RSS
high advisory

RabbitMQ Management UI UNC SSRF Vulnerability (CVE-2026-57211) on Windows

CVE-2026-57211 details a Server-Side Request Forgery (SSRF) vulnerability within the RabbitMQ management UI when deployed on Windows, enabling an attacker to coerce the server into making requests to arbitrary UNC paths, potentially leading to NTLM credential disclosure or internal network reconnaissance.

RabbitMQ management UI vulnerability ssrf rabbitmq windows msrc
1c
low advisory

RabbitMQ Topic Authorization Bypass via Cross-Tenant Routing-Key Vulnerability

CVE-2026-57217 details a vulnerability in RabbitMQ where topic authorization can be bypassed, leading to cross-tenant routing-key bypass, potentially allowing unauthorized access to or manipulation of routing keys in a multi-tenant environment.

RabbitMQ vulnerability authorization-bypass
1c
low advisory

RabbitMQ Stream Listener Vulnerability CVE-2026-57220 Allows Unauthenticated Memory Exhaustion DoS

A denial-of-service vulnerability, CVE-2026-57220, exists in the RabbitMQ stream listener that allows an unauthenticated attacker to exhaust memory resources by not properly enforcing frame-size limits during authentication, leading to service disruption.

RabbitMQ Stream listener denial-of-service vulnerability rabbitmq
1t 1c
high advisory

RabbitMQ Unauthenticated OAuth Client Credential Disclosure via HTTP API (CVE-2026-57219)

CVE-2026-57219 describes an unauthenticated disclosure vulnerability in RabbitMQ, allowing an attacker to obtain OAuth client credentials via an HTTP API endpoint when RabbitMQ is configured with certain less common OAuth 2 configurations, potentially leading to unauthorized access to other systems or services.

RabbitMQ vulnerability credential-access broadcom
1t 1c