Resource exhaustion in ActiveMQ - CVE-2026-50750
Published: July 1, 2026
ActiveMQ
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to uncontrolled resource consumption in the OpenWire broker handling logic when processing repeated BrokerInfo commands without a ConnectionInfo. A remote attacker can send repeated BrokerInfo commands to cause a denial of service.
The issue can exhaust memory and crash the broker.