‼️ CVE-2026-34197: 13-Year-Old Apache ActiveMQ RCE via Jolokia API Surfaces for In-the-Wild Attac...

Summary

A critical remote code execution vulnerability in Apache ActiveMQ's Jolokia API (CVE-2026-34197) has surfaced in active, in-the-wild exploitation. The vulnerability, reportedly present for 13 years, allows unauthenticated attackers to execute arbitrary commands on affected systems. This disclosure highlights a significant risk to organizations running legacy or unpatched ActiveMQ instances.

Indicators of Compromise

• cve — CVE-2026-34197

Entities