CVE-2026-24457

Critical CVSS: 9.1

An unsafe parsing of OpenMQ's configuration, allows a remote attacker to read arbitrary files from a MQ Broker's server. A full exploitation could read unauthorized files of the OpenMQ’s host OS. In some scenarios RCE could be achieved.

Vendor

Eclipse

Product

Open Message Queue

CWE

CWE-22

Yayın Tarihi

2026-03-05 19:16:02

Güncelleme

2026-03-10 19:52:11

Source Identifier

emo@eclipse.org

KEV Date Added

Kategoriler

CWE-22 Open Message Queue CRITICAL Eclipse 2026

Referanslar

https://gitlab.eclipse.org/security/cve-assignment/-/issues/84

Benzer Kayıtlar

High

CVE-2026-1605

In Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, class GzipHandler exposes a vulnerability when a compressed…

Low

CVE-2025-11143

The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs. Different…

Critical

CVE-2026-1699

In the Eclipse Theia Website repository, the GitHub Actions workflow .github/workflows/preview.yml used pull_request_tar…

Medium

CVE-2026-1188

In the Eclipse OMR port library component since release 0.2.0, an API function to return the textual names of all suppor…

High

CVE-2026-0648

The vulnerability stems from an incorrect error-checking logic in the CreateCounter() function (in threadx/utility/rtos_…

High

CVE-2025-55102

A denial-of-service vulnerability exists in the NetX IPv6 component functionality of Eclipse ThreadX NetX Duo. A special…