Main Vulnerability Database Exploits ID:12576 - Exploit for Code Injection in ActiveMQ - CVE-2026-34197

ID:12576 - Exploit for Code Injection in ActiveMQ - CVE-2026-34197

Published: April 10, 2026

Vulnerability identifier: #VU125787

Vulnerability risk: Medium

CVE-ID: CVE-2026-34197

CWE-ID: CWE-94

Exploitation vector: Remote access

Vulnerable software:
ActiveMQ

Link to public exploit:

https://github.com/KONDORDEVSECURITYCORP/CVE-2026-34197

Vulnerability description

The vulnerability allows a remote user to execute arbitrary code.

The vulnerability exists due to code injection in the Jolokia JMX-HTTP bridge and exposed ActiveMQ MBeans when handling authenticated exec operations with a crafted discovery URI. A remote user can invoke BrokerService.addNetworkConnector(String) or BrokerService.addConnector(String) to execute arbitrary code.

The issue is exposed through the web console endpoint at /api/jolokia/, and exploitation causes remote Spring XML application context loading via the VM transport's brokerConfig parameter before configuration validation completes.

Remediation

Install security update from vendor's website.

ID:12576 - Exploit for Code Injection in ActiveMQ - CVE-2026-34197

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human