Broadcom Rabbitmq Server — known CVE vulnerabilities
Every CVE whose affected-product data names Broadcom Rabbitmq Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2016-9877 — CVSS 9.8 (critical): An issue was discovered in Pivotal RabbitMQ 3.x before 3.5.8 and 3.6.x before 3.6.6 and RabbitMQ for PCF 1.5.x before 1.5.20, 1.6.x before…
CVE-2026-44838 — CVSS 8.1 (high): RabbitMQ is a messaging and streaming broker. From 4.2.0 to before 4.2.4, RabbitMQ's MQTT plugin allows for topic-level authorization using…
CVE-2021-22117 — CVSS 7.8 (high): RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with…
CVE-2017-4966 — CVSS 7.8 (high): An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and…
CVE-2019-11287 — CVSS 7.5 (high): Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to…
CVE-2020-5419 — CVSS 6.7 (medium): RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific binary planting security vulnerability that allows for arbitrary…
CVE-2017-4967 — CVSS 6.1 (medium): An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and…
CVE-2017-4965 — CVSS 6.1 (medium): An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and…
CVE-2022-31008 — CVSS 5.5 (medium): RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation…
CVE-2025-50200 — CVSS 5.5 (medium): RabbitMQ is a messaging and streaming broker. In versions 3.13.7 and prior, RabbitMQ is logging authorization headers in plaintext encoded…
CVE-2014-9650 — CVSS 5.0 (medium): CRLF injection vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject…
CVE-2026-44839 — CVSS 4.8 (medium): RabbitMQ is a messaging and streaming broker. From 3.7.0 to before 4.1.2 and 4.0.13, This vulnerability is fixed in 4.1.2 and 4.0.13.
CVE-2019-11291 — CVSS 4.8 (medium): Pivotal RabbitMQ, 3.7 versions prior to v3.7.20 and 3.8 version prior to v3.8.1, and RabbitMQ for PCF, 1.16.x versions prior to 1.16.7 and…
CVE-2014-9649 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to…