Home / Vulnerability Intelligence / CVE-2026-24457

CVE-2026-24457 - Vulnerability Analysis

CriticalCVSS: 9.1

Last Updated: March 5, 2026

OpenMQ - Information Disclosure & Remote Code Execution

Published: March 5, 2026Updated: March 5, 2026Remote Exploitable

Overview

OpenMQ contains an unsafe configuration parsing vulnerability that allows remote attackers to read arbitrary files from the MQ Broker's server, potentially leading to unauthorized file access and remote code execution.

Severity & Score

Severity: Critical

CVSS Score: 9.1

Impact

Remote attackers can read unauthorized files and potentially execute code, leading to full system compromise.

Mitigation

Update OpenMQ to the latest version to address unsafe configuration parsing.

References

https://gitlab.eclipse.org/security/cve-assignment/-/issues/84

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-24457
Severity: Critical
CVSS Score: 9.1
Type: undefined
Status: unconfirmed

CWE

CWE-22

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H