CVE-2026-33227 β Improper validation and restriction of a classpath path name vulnerability inβ¦
Image via images.unsplash.com
π¨ CVE-2026-33227 Improper validation and restriction of a classpath path name vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All. In two instances (when creating a Stomp consumer and also browsing messages in the Web console) an authenticated user provided "key" va
What This Means For You
- Affects Microsoft ecosystem β check your Windows/Azure environments.
- New vulnerability disclosed β verify if your stack is exposed.
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-33227 | Path Traversal | Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All. Vulnerability occurs when creating a Stomp consumer. Improper validation and restriction of a classpath path name. |
| CVE-2026-33227 | Path Traversal | Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All. Vulnerability occurs when browsing messages in the Web console. Improper validation and restriction of a classpath path name. |
Source & Attribution
| Source Platform | Telegram |
| Channel | CVE Notify |
| Published | April 07, 2026 at 12:27 UTC |
This content was curated and summarized by Shimi's Cyber World for informational purposes. It is not copied or republished in full. All intellectual property rights remain with the original author and source.
Believe this infringes your rights? Submit a takedown request.
Related coverage
Trend Micro Apex One Zero-Day Under Active Exploitation
Trend Micro has confirmed a zero-day vulnerability in its Apex One security product, actively exploited on Windows systems. BleepingComputer reports that this critical flaw allows...
Ubiquiti Patches Three Max Severity UniFi OS Vulnerabilities
Ubiquiti has rolled out critical security updates addressing three maximum severity vulnerabilities in UniFi OS. BleepingComputer reports these flaws, tracked as CVE-2023-48092, CVE-2023-48093, and CVE-2023-48094,...
Windows Kernel Drivers Can Be Exploited Without Hardware, The Hacker News Reports
The Hacker News has detailed a significant security concern: many Windows kernel mode drivers can be exploited from user mode without requiring the specific hardware...