RabbitMQ flaws expose OAuth secrets, risk complete takeover of the broker

Summary

RabbitMQ has patched two critical vulnerabilities, including one that exposed OAuth secrets to unauthenticated attackers. Successful exploitation of the more severe flaw (CVE-2026-57219) could allow attackers to gain complete control over the message broker and access or modify sensitive application data. The issues affected versions dating back to early 2024 and have now been fixed in all supported releases.

IFF Assessment

FOE

The vulnerabilities expose sensitive OAuth secrets, allowing unauthenticated attackers to potentially gain complete control of the RabbitMQ broker, which is a critical component for many enterprise applications.

Severity

8.7 High

The CVSS score of 8.7 reflects a high severity due to the potential for unauthorized access to sensitive OAuth client secrets, enabling attackers to compromise the entire messaging infrastructure and gain administrative control.

Defender Context

Defenders should prioritize patching RabbitMQ instances to versions 3.13.15, 4.0.20, 4.1.11, or 4.2.6 to mitigate the risk of OAuth secret exposure and broker takeover. This incident highlights the importance of regularly reviewing and securing all components in the application architecture, especially those handling sensitive authentication credentials.

Read Full Story →