{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T17:18:26.191","vulnerabilities":[{"cve":{"id":"CVE-2026-24457","sourceIdentifier":"emo@eclipse.org","published":"2026-03-05T19:16:02.780","lastModified":"2026-04-15T13:30:43.413","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An unsafe parsing of OpenMQ's configuration, allows a remote attacker to read arbitrary files from a MQ Broker's server. A full exploitation could read unauthorized files of the OpenMQ’s host OS. In some scenarios RCE could be achieved."},{"lang":"es","value":"Un análisis inseguro de la configuración de OpenMQ permite a un atacante remoto leer archivos arbitrarios de un servidor de MQ Broker. Una explotación completa podría leer archivos no autorizados del sistema operativo anfitrión de OpenMQ. En algunos escenarios se podría lograr RCE."}],"metrics":{"cvssMetricV31":[{"source":"emo@eclipse.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"emo@eclipse.org","type":"Primary","description":[{"lang":"en","value":"CWE-22"},{"lang":"en","value":"CWE-27"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:eclipse:openmq:*:*:*:*:*:*:*:*","versionEndIncluding":"6.5.1","matchCriteriaId":"D0C54C08-8788-4481-97CC-EAFFC7702412"}]}]}],"references":[{"url":"https://gitlab.eclipse.org/security/cve-assignment/-/issues/84","source":"emo@eclipse.org","tags":["Vendor Advisory"]}]}}]}