Apache Software Foundation Apache Artemis vulnerabilities

CVE-2026-32642 [LOW] CWE-863 CVE-2026-32642: Incorrect Authorization (CWE-863) vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists wh Incorrect Authorization (CWE-863) vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an application using the OpenWire protocol attempts to create a non-durable JMS topic subscription on an address that doesn't exist with an authenticated user which has the "createDurableQueue" permission but does not have the "createAddress" permissi

CVE-2026-27446 [CRITICAL] CWE-306 Apache Artemis, Apache ActiveMQ Artemis: Auth bypass for Core downstream federation Apache Artemis, Apache ActiveMQ Artemis: Auth bypass for Core downstream federation Missing Authentication for Critical Function (CWE-306) vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This c