CVE-2026-44839
4.8 MEDIUMRabbitMQ is a messaging and streaming broker
Published: 2026-05-27 · Last updated: 2026-06-04
Severity and scoring
- CVSS
- 4.8 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
- CWE
- CWE-80
Affected products
| Vendor | Product |
|---|---|
| broadcom | rabbitmq_server |
Description
RabbitMQ is a messaging and streaming broker. From 3.7.0 to before 4.1.2 and 4.0.13, This vulnerability is fixed in 4.1.2 and 4.0.13.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2026-44838 — RabbitMQ is a messaging and streaming broker (8.1 HIGH)
- CVE-2022-23305 — By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are conv... (9.8 CRITICAL)
- CVE-2022-23302 — JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j c... (8.8 HIGH)
- CVE-2018-6439 — A Vulnerability in the configdownload command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.... (7.8 HIGH)
Same CWE
- CVE-2026-46492 — md-fileserver allows for local viewing of markdown files in a browser (7.2 HIGH)
- CVE-2026-34033 — Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Apache Answer (5.4 MEDIUM)
- CVE-2026-11511 — A weakness has been identified in Bolt CMS up to 3.7.5 (3.5 LOW)
- CVE-2026-9646 — A reflected cross-site scripting issue exists in URL handling (6.1 MEDIUM)
- CVE-2026-39642 — Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in SpabRice Nyla allows Code Injection (5.3 MEDIUM)