Search CVE reports


Toggle filters

1 – 10 of 35 results


CVE-2026-57221

Medium priority
Needs evaluation

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, RabbitMQ does not perform authorization checks on passive queue.declare and exchange.declare AMQP 0-9-1 operations, allowing any...

1 affected package

rabbitmq-server

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
rabbitmq-server Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-57220

Medium priority
Needs evaluation

RabbitMQ is a messaging and streaming broker. Prior to 4.2.6, the RabbitMQ stream listener does not enforce the configured stream frame-size limit while assembling frames during authentication and before Tune negotiation, allowing...

1 affected package

rabbitmq-server

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
rabbitmq-server Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-57219

Medium priority
Needs evaluation

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, the obsolete GET /api/auth endpoint can disclose the OAuth 2 client secret on RabbitMQ installations configured...

1 affected package

rabbitmq-server

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
rabbitmq-server Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-57218

Medium priority
Needs evaluation

RabbitMQ is a messaging and streaming broker. Prior to 4.2.6, RabbitMQ AMQP 0-9-1 allows an existing consumer to keep receiving messages after OAuth token expiry or connection.update_secret refresh to reduced scopes...

1 affected package

rabbitmq-server

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
rabbitmq-server Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-57217

Medium priority
Needs evaluation

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.21, 4.1.11, and 4.2.6, RabbitMQ topic authorization can allow restricted topic writes and binds during metadata-store failures because topic-permission lookup...

1 affected package

rabbitmq-server

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
rabbitmq-server Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-57216

Medium priority
Needs evaluation

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, AMQP 0-9-1, AMQP 1.0, and Stream Protocol authentication can allow a loopback-restricted user such as guest to connect remotely...

1 affected package

rabbitmq-server

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
rabbitmq-server Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-57215

Medium priority
Needs evaluation

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, RabbitMQ allows foreign bindings to amq.rabbitmq.reply-to destinations because volatile direct-reply-to queues can be accepted at bind and...

1 affected package

rabbitmq-server

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
rabbitmq-server Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-57214

Medium priority
Needs evaluation

RabbitMQ is a messaging and streaming broker. Prior to 4.2.5, the RabbitMQ management UI renders the x-internal-purpose queue or exchange argument into an HTML title attribute without proper escaping on the Queues and Exchanges...

1 affected package

rabbitmq-server

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
rabbitmq-server Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-57213

Medium priority
Needs evaluation

RabbitMQ is a messaging and streaming broker. Prior to 3.13.14, 4.0.19, 4.1.10, and 4.2.5, the rabbitmq_federation_management plugin renders the consumer_tag field on the Federation Status page without HTML escaping, allowing a...

1 affected package

rabbitmq-server

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
rabbitmq-server Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-57212

Medium priority
Needs evaluation

RabbitMQ is a messaging and streaming broker. Prior to 3.13.14, 4.0.19, 4.1.10, and 4.2.5, the rabbitmq_management HTTP API accepts oversized valid JSON bodies on with_decode and direct_request paths because read_complete_body...

1 affected package

rabbitmq-server

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
rabbitmq-server Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages