CVE-2026-33227 β Improper validation and restriction of a classpath path name vulnerability inβ¦
Image via images.unsplash.com
π¨ CVE-2026-33227 Improper validation and restriction of a classpath path name vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All. In two instances (when creating a Stomp consumer and also browsing messages in the Web console) an authenticated user provided "key" va
What This Means For You
- Affects Microsoft ecosystem β check your Windows/Azure environments.
- New vulnerability disclosed β verify if your stack is exposed.
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-33227 | Path Traversal | Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All. Vulnerability occurs when creating a Stomp consumer. Improper validation and restriction of a classpath path name. |
| CVE-2026-33227 | Path Traversal | Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All. Vulnerability occurs when browsing messages in the Web console. Improper validation and restriction of a classpath path name. |
π Recommended Tools
Source & Attribution
| Source Platform | Telegram |
| Channel | CVE Notify |
| Channel ID | 1129491012 |
| Message ID | 158269 |
| Published | April 07, 2026 at 12:27 UTC |
| Original Link | https://activemq.apache.org/security-advisories.data/CVE-... |
This content was curated and summarized by Shimi's Cyber World for informational purposes. It is not copied or republished in full. All intellectual property rights remain with the original author and source.
Believe this infringes your rights? Submit a takedown request.
Found this interesting? Follow us to stay ahead.
Share