CVE-2026-24457

Critical

An unsafe parsing of OpenMQ's configuration, allows a remote attacker to read arbitrary files from a MQ Broker's server. A full…

eclipse·CWE-22·Published 2026-03-05

CVSS

9.8

EPSS

0.01

KEV

Exploits

cve.orgen

236 chars

An unsafe parsing of OpenMQ's configuration, allows a remote attacker to read arbitrary files from a MQ Broker's server. A full exploitation could read unauthorized files of the OpenMQ’s host OS. In some scenarios RCE could be achieved.

NVDen

236 chars

NVDes

282 chars

Un análisis inseguro de la configuración de OpenMQ permite a un atacante remoto leer archivos arbitrarios de un servidor de MQ Broker. Una explotación completa podría leer archivos no autorizados del sistema operativo anfitrión de OpenMQ. En algunos escenarios se podría lograr RCE.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	9.1	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H