Uncontrolled Memory Allocation in ActiveMQ - CVE-2026-53917
Published: July 1, 2026
ActiveMQ
Detailed vulnerability description
The vulnerability allows a remote user to cause a denial of service.
The vulnerability exists due to memory allocation with excessive size value in OpenWire message property map unmarshalling when processing a crafted OpenWire message with a large encoded map size value. A remote user can send a specially crafted OpenWire message to cause a denial of service.
The issue can trigger out-of-memory conditions and crash the broker.