Improper access control in RabbitMQ Server - CVE-2026-57217


Published: June 25, 2026


Vulnerability identifier: #VU135151
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-57217
CWE-ID: CWE-284
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: VMware, Inc
Affected software:
RabbitMQ Server

Detailed vulnerability description

The vulnerability allows a remote user to bypass topic authorization and route messages across tenant boundaries.

The vulnerability exists due to improper access control in the topic-permission lookup of the internal authorization backend: when a topic publish or bind operation is processed while the Khepri metadata store returns a timeout or error result, the permission check fails open. A remote user can trigger topic operations during such a lookup failure to bypass topic authorization and route messages across tenant boundaries.

The issue occurs only during the Khepri lookup error window, where denied operations become allowed until metadata lookup recovers.
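The failure mode described above is a fail-open authorization check: a lookup that does not return an explicit answer is treated as permission granted. The following Python sketch, added here as an illustration and not taken from RabbitMQ or its authorization backend, contrasts that shape with a fail-closed check. The metadata store, its result statuses, the permission table, the vhost/user/exchange names and the routing keys are all constructed stand-ins.

```python
"""
Fail-open versus fail-closed topic authorization when the metadata lookup fails.

Added example for this advisory; it is NOT RabbitMQ's own code and does not
reproduce its internal authorization backend. The store, its result statuses,
the permission table, vhost/user/exchange names and routing keys below are all
constructed for illustration.
"""
import re
from dataclasses import dataclass
from enum import Enum
from typing import Dict, Optional, Tuple


class LookupStatus(Enum):
    OK = "ok"                # a rule was found
    NOT_FOUND = "not_found"  # no rule configured for this (vhost, user, exchange)
    TIMEOUT = "timeout"      # store did not answer in time
    ERROR = "error"          # store returned an error


@dataclass(frozen=True)
class LookupResult:
    status: LookupStatus
    write_pattern: Optional[str] = None  # regex the routing key must fully match


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str  # machine-readable reason, useful for audit logging and alerting


class FakeMetadataStore:
    """Stand-in for a Khepri-style metadata store. `failing` simulates the
    lookup error window by forcing every lookup to return that status."""

    def __init__(self, permissions: Dict[Tuple[str, str, str], str],
                 failing: Optional[LookupStatus] = None):
        self._permissions = permissions
        self.failing = failing

    def topic_permission(self, vhost: str, user: str, exchange: str) -> LookupResult:
        if self.failing is not None:
            return LookupResult(self.failing)
        pattern = self._permissions.get((vhost, user, exchange))
        if pattern is None:
            return LookupResult(LookupStatus.NOT_FOUND)
        return LookupResult(LookupStatus.OK, pattern)


def _key_matches(pattern: str, routing_key: str) -> bool:
    return re.fullmatch(pattern, routing_key) is not None


def authorize_fail_open(store, vhost, user, exchange, routing_key) -> Decision:
    """The unsafe shape: deny only on an explicit negative answer, so TIMEOUT and
    ERROR fall through to the final 'allow'."""
    result = store.topic_permission(vhost, user, exchange)
    if result.status is LookupStatus.OK and not _key_matches(result.write_pattern, routing_key):
        return Decision(False, "pattern_mismatch")
    if result.status is LookupStatus.NOT_FOUND:
        return Decision(False, "no_rule")  # in this model an unconfigured rule denies
    return Decision(True, "allowed")       # reached for OK-and-match, but also TIMEOUT/ERROR


def authorize_fail_closed(store, vhost, user, exchange, routing_key) -> Decision:
    """The safe shape: allow only on an explicit positive answer; every other
    lookup outcome denies and is labelled so the failure is visible in logs."""
    result = store.topic_permission(vhost, user, exchange)
    if result.status is LookupStatus.OK:
        if _key_matches(result.write_pattern, routing_key):
            return Decision(True, "allowed")
        return Decision(False, "pattern_mismatch")
    if result.status is LookupStatus.NOT_FOUND:
        return Decision(False, "no_rule")
    return Decision(False, "lookup_" + result.status.value)  # lookup_timeout / lookup_error


# Constructed tenant layout: alice may publish only under her own tenant prefix.
PERMISSIONS = {("/tenants", "alice", "events"): r"tenant-a\..*"}
OWN_KEY = "tenant-a.orders"
CROSS_TENANT_KEY = "tenant-b.orders"


def compare_decisions() -> Dict[str, Tuple[bool, bool]]:
    """Return (fail_open_allowed, fail_closed_allowed) for each store state."""
    out = {}
    for label, failing, key in [
        ("healthy_own_tenant", None, OWN_KEY),
        ("healthy_cross_tenant", None, CROSS_TENANT_KEY),
        ("timeout_cross_tenant", LookupStatus.TIMEOUT, CROSS_TENANT_KEY),
        ("error_cross_tenant", LookupStatus.ERROR, CROSS_TENANT_KEY),
    ]:
        store = FakeMetadataStore(PERMISSIONS, failing=failing)
        args = (store, "/tenants", "alice", "events", key)
        out[label] = (authorize_fail_open(*args).allowed,
                      authorize_fail_closed(*args).allowed)
    return out


if __name__ == "__main__":
    for label, (open_ok, closed_ok) in compare_decisions().items():
        print(f"{label:24s} fail-open={open_ok!s:5s} fail-closed={closed_ok}")
```

Both checks agree while the store is healthy; they diverge only in the timeout and error rows, where the fail-open variant lets the cross-tenant routing key through. The fail-closed variant also returns a distinct `lookup_timeout` / `lookup_error` reason, so a spike in such denials during a metadata-store outage shows up in audit logs rather than silently becoming successful publishes.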


How to mitigate CVE-2026-57217

Install the security update from the vendor's website.

Sources