Description
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All.

An unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a maliciously large size value. The value is not validated, and the broker attempts the allocation during pre-authentication negotiation, which can trigger an OOM condition and crash the broker.
This issue affects Apache ActiveMQ Client: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7.

Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.
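As an added illustration of the CWE-789 pattern described above (example code written for this page, not code from the Apache ActiveMQ project), the following Python sketch contrasts a size-prefixed frame reader that trusts the advertised length with one that enforces a maximum before anything is allocated. The frame layout (a 4-byte big-endian length followed by the payload), the 1 MiB limit and every name below are assumptions made for the example and do not describe the actual OpenWire WireFormatInfo encoding.

```python
import struct

# Assumed layout for this example: a generic length-prefixed frame, i.e. a
# 4-byte big-endian size field followed by that many payload bytes. This is
# not a statement of the real OpenWire WireFormatInfo encoding.
MAX_FRAME_SIZE = 1024 * 1024  # assumed deployment limit: 1 MiB per frame


class FrameTooLarge(ValueError):
    """Raised when the advertised size exceeds the configured maximum."""


def read_size_unchecked(header: bytes) -> int:
    """Vulnerable pattern (CWE-789): trust the size field as-is.

    A caller that follows this with bytearray(size) would try to reserve
    whatever the unauthenticated peer advertised, up to 4 GiB for an
    unsigned 32-bit field, before any credentials have been checked.
    """
    (size,) = struct.unpack(">I", header[:4])
    return size


def read_size_checked(header: bytes, max_size: int = MAX_FRAME_SIZE) -> int:
    """Hardened pattern: validate the size before any buffer is allocated."""
    if len(header) < 4:
        raise ValueError("incomplete frame header")
    (size,) = struct.unpack(">I", header[:4])
    if size > max_size:
        # Reject the frame (a real broker would also drop the connection)
        # without reserving a single byte for the advertised payload.
        raise FrameTooLarge(
            f"advertised frame size {size} exceeds limit {max_size}"
        )
    return size


def read_frame(stream: bytes, max_size: int = MAX_FRAME_SIZE) -> bytes:
    """Parse one frame from a byte string, allocating only after validation."""
    size = read_size_checked(stream, max_size)
    payload = stream[4:4 + size]
    if len(payload) != size:
        raise ValueError("truncated frame: size field exceeds available bytes")
    return payload


def build_frame(payload: bytes) -> bytes:
    """Encode a payload in the assumed length-prefixed layout."""
    return struct.pack(">I", len(payload)) + payload


# Constructed sample inputs for the demonstration.
BENIGN_FRAME = build_frame(b"negotiation payload")
# A header-only frame advertising about 4 GiB; no payload follows it.
OVERSIZED_HEADER = struct.pack(">I", 0xFFFFFFFF)


def demo() -> dict:
    """Run both readers over the samples and report what each decides."""
    results = {"benign": read_frame(BENIGN_FRAME)}
    # The unchecked reader happily hands back the huge size for allocation.
    results["unchecked_size"] = read_size_unchecked(OVERSIZED_HEADER)
    # The checked reader refuses the frame before touching the allocator.
    try:
        read_frame(OVERSIZED_HEADER)
        results["oversized_rejected"] = False
    except FrameTooLarge:
        results["oversized_rejected"] = True
    return results


if __name__ == "__main__":
    print(demo())
```

The point of the hardened reader is the order of operations: the bound is enforced on the advertised value itself, so a peer that has not yet authenticated can only ever cost the broker the configured maximum, never an arbitrary allocation.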
Published: 2026-06-30
Score: 7.5 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Memory allocation with an excessive size value, a CWE‑789 vulnerability, allows an unauthenticated network attacker to trigger a broker denial of service by sending a crafted WireFormatInfo frame during pre‑authentication. The broker does not validate the size field and attempts to allocate that amount of memory, causing an out‑of‑memory condition that crashes the broker. The direct impact is the loss of availability of the broker, interrupting messaging services for all connected clients.

Affected Systems

Apache ActiveMQ client and broker components from the Apache Software Foundation, including the "Apache ActiveMQ All" bundle, are affected. Versions prior to 5.19.8 and versions 6.0.0 through 6.2.6 contain the vulnerability.

Risk and Exploitability

The vulnerability can be triggered by an attacker from any network location before authentication, making it widely exploitable. Although no EPSS data is available and the issue is not listed in the CISA KEV catalog, the nature of the flaw (unbounded memory allocation before authentication) suggests a high impact on availability and a reasonable likelihood of exploitation. The CVSS score is 7.5, indicating significant severity, but the primary risk is a broker crash rather than a confidentiality or integrity compromise.

Generated by OpenCVE AI on June 30, 2026 at 15:55 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Apache ActiveMQ to version 5.19.8 or 6.2.7 (or later), which contain the fix.
  • Restrict inbound traffic to the broker, allowing only trusted hosts or networks to connect, to reduce exposure before the patch can be applied.
  • Configure JVM or container memory limits and monitor for OOM events, so that the broker can be restarted automatically or kept from crashing due to excessive allocation.

Generated by OpenCVE AI on June 30, 2026 at 15:55 UTC.

Advisories

No advisories yet.

History

Tue, 30 Jun 2026 13:30:00 +0000

Type: Metrics
Values added:
  cvssV3_1: {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}
  ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 30 Jun 2026 10:45:00 +0000

Type: Description
Values added: Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validate and causes the broker to attempt allocation during pre-auth negotiation which can trigger OOM and crash the broker. This issue affects Apache ActiveMQ Client: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.
Type: Title
Values added: Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire memory-allocation DoS during wire format negotiation
Type: Weaknesses
Values added: CWE-789
Type: References

Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: apache

Published:

Updated: 2026-06-30T12:32:25.918Z

Reserved: 2026-06-05T17:01:29.414Z

Link: CVE-2026-50734

Vulnrichment

Updated: 2026-06-30T11:06:17.570Z

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-30T16:00:15Z

Weaknesses
  • CWE-789

    Memory Allocation with Excessive Size Value