CVE security advisories and vulnerability history for activemq by apache.
Last updated
apache activemq has 63 published CVE records since 2010, of which 3 are in CISA's Known Exploited Vulnerabilities catalog and 9 have a known public exploit. The average CVSS base score across scored CVEs is 6.5.
This page aggregates every publicly disclosed vulnerability (CVE) affecting apache activemq, with a severity breakdown, the affected and patched versions, the most common weakness types, and the full CVE list.
How the CVSS severity of apache activemq's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.
33 additional CVEs have no CVSS severity score.
In CISA’s Known Exploited Vulnerabilities catalog
3
3 of apache activemq's CVEs are confirmed exploited in the wild.
Public exploits
9
9 of apache activemq's CVEs have a known public exploit available.
Browse every apache activemq version named in a CVE, then pick one to see only the CVEs that affect it.
63 CVEs
Added to CISA KEV 2026-04-16
Added to CISA KEV 2023-11-02
Showing 30 of 63
The CWE weakness categories most often found in apache activemq CVEs. Follow any weakness for its full explanation.
How many apache activemq CVEs were published each year.
Browse vulnerabilities for other products by apache.
Common questions about apache activemq vulnerabilities.
apache activemq has 63 published CVE records since 2010.
Yes — 3 of apache activemq's CVEs are listed in CISA's Known Exploited Vulnerabilities catalog, confirmed exploited in the wild and carrying a CISA remediation deadline.
Yes — 9 of apache activemq's CVEs have a known public exploit.
1,139 distinct apache activemq versions are named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.
apache activemq's CVEs most often map to these CWE weakness types: CWE-502 (Deserialization of Untrusted Data), CWE-20 (Improper Input Validation), CWE-434 (Unrestricted Upload of File with Dangerous Type), CWE-94 (Improper Control of Generation of Code ('Code Injection')).
apache activemq has 2 critical and 8 high-severity CVEs.
The average CVSS base score across apache activemq's scored CVEs is 6.5.
Vulnerability data is sourced from the CVE Program; severity, KEV, and exploit signals are aggregated by RadicalNotion.AI.
Monitor new apache activemq vulnerabilities as they are disclosed, with AI-written analysis and remediation guidance.
