Tag
Critical Deserialization Vulnerability in Apache ActiveMQ NMS AMQP Client (CVE-2025-54539)
2 rules 1 TTP 1 CVEA critical deserialization of untrusted data vulnerability (CVE-2025-54539) exists in Apache ActiveMQ NMS AMQP Client <= v2.3.0, where an attacker controlling or impersonating an AMQP broker can send malicious serialized data that the client deserializes unsafely, allowing arbitrary code execution on the client system.
Siemens Opcenter RDnL Missing Authentication Vulnerability (CVE-2026-27446)
2 rules 1 TTP 1 CVESiemens Opcenter RDnL is vulnerable to missing authentication in critical function (CVE-2026-27446), where an unauthenticated attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker, potentially leading to availability impacts and message injection.
Apache ActiveMQ Vulnerabilities Allow RCE and XSS
2 rules 1 TTP 5 CVEsAn authenticated remote attacker can exploit multiple vulnerabilities in Apache ActiveMQ to execute arbitrary program code or perform cross-site scripting attacks.
Apache ActiveMQ Classic RCE via Jolokia API Exploitation
2 rules 3 TTPs 3 CVEsA remote code execution vulnerability (CVE-2026-34197) in Apache ActiveMQ Classic allows authenticated attackers to invoke management operations through the Jolokia API to retrieve a remote configuration file and execute OS commands, potentially exploitable without authentication via CVE-2024-32114.
Active Exploitation of Apache ActiveMQ RCE Vulnerability (CVE-2023-46604)
2 rules 2 TTPsCVE-2023-46604 is a remote code execution vulnerability affecting Apache ActiveMQ that is actively exploited in the wild by ransomware operators, allowing remote attackers to execute arbitrary shell commands.