What is GHSA-rf99-f9j2-gv3f?

GHSA-rf99-f9j2-gv3f is a security advisory published by GitHub Security Advisories with Medium severity. A vulnerability exists in Apache Artemis whereby an application using the STOMP protocol with...

Which CVE IDs does GHSA-rf99-f9j2-gv3f cover?

GHSA-rf99-f9j2-gv3f covers the following CVE IDs: CVE-2026-40914. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-rf99-f9j2-gv3f?

GHSA-rf99-f9j2-gv3f has a CVSS v3 base score of 4.3, published by GitHub Security Advisories.

GHSA-rf99-f9j2-gv3fMediumCVSS 4.3

A vulnerability exists in Apache Artemis whereby an application using the STOMP protocol with...

Vendor

GitHub Security Advisories

Published

May 28, 2026

Last Modified

May 29, 2026

🔗 CVE IDs covered (1)

CVE-2026-40914 →

📋 Description

A vulnerability exists in Apache Artemis whereby an application using the STOMP protocol with security credentials that grant either the consume or send permission on an address can augment the routing-type supported by that address even if said user doesn't have the createAddress permission for that particular address. A user could successfully send a message to an address or consume a message from a queue with a routing-type not supported by the corresponding address when that operation should actually be rejected on the basis that the user doesn't have permission to change the routing-type of the address. Even though the user was already granted permission to send and/or consume messages, they should not be able to augment the routing-type of the address without the createAddress permission.

This issue affects Apache Artemis: from 2.50.0 through 2.53.0; Apache ActiveMQ Artemis: from 2.0.0 through 2.44.0.

Users are recommended to upgrade to version 2.54.0, which fixes the issue.

🔗 CVE IDs covered (1)

📋 Description

🔗 References (4)