CVE-2026-57220 in RabbitMQinfo

Summary

by MITRE • 07/10/2026

RabbitMQ is a messaging and streaming broker. Prior to 4.2.6, the RabbitMQ stream listener does not enforce the configured stream frame-size limit while assembling frames during authentication and before Tune negotiation, allowing an unauthenticated remote client to declare oversized frame lengths and consume broker memory in rabbit_stream_core. This issue is fixed in version 4.2.6.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Analysis

by VulDB Data Team • 07/10/2026

The vulnerability in RabbitMQ versions prior to 4.2.6 represents a critical memory exhaustion flaw within the stream listener component that operates during the authentication phase before proper connection tuning negotiations occur. This weakness allows unauthenticated remote attackers to exploit the system by declaring oversized frame lengths, effectively bypassing the configured stream frame-size limits that are normally enforced during normal operational conditions. The vulnerability specifically targets the rabbit_stream_core module where frame assembly occurs, creating a window of opportunity for malicious actors to consume excessive broker memory resources.

This flaw directly relates to CWE-400 which defines weaknesses related to resource exhaustion and improper handling of input data. The attack vector operates through the authentication process where the system does not validate frame size limits before fully establishing connection parameters. During this vulnerable phase, the stream listener accepts oversized frames without proper bounds checking, allowing memory consumption to spiral out of control as the broker attempts to assemble these malformed frames. The issue occurs before the Tune negotiation phase where normal protocol constraints would typically be enforced, creating a dangerous gap in the security model.

The operational impact of this vulnerability extends beyond simple resource exhaustion to potentially cause complete service disruption or denial of service conditions within RabbitMQ brokers. Attackers can systematically consume memory resources through multiple connections, leading to broker crashes, performance degradation, or complete system unavailability. The memory consumption occurs in the core streaming module where frames are assembled for processing, making this attack particularly effective against systems handling high volumes of stream traffic. This vulnerability undermines the fundamental security principle of resource limiting and validation that should occur at every stage of connection establishment.

Mitigation strategies should focus on immediate patch deployment to version 4.2.6 or later where the frame-size limit enforcement has been properly implemented. Organizations should also consider implementing additional network-level controls such as connection rate limiting, monitoring for unusual frame size patterns, and establishing proper access controls to prevent unauthenticated connections from reaching the vulnerable stream listener component. The fix addresses the root cause by ensuring that stream frame-size limits are enforced during the authentication phase rather than waiting for the Tune negotiation phase where such validation would be too late to prevent memory exhaustion attacks. This vulnerability demonstrates the importance of implementing security controls at all layers of protocol handling, particularly in systems where resource consumption can be directly manipulated through protocol-level parameters.

Responsible

GitHub M

Reservation

06/24/2026

Disclosure

07/10/2026

Moderation

accepted

CPE

ready

EPSS

0.00000

KEV

no

Activities

very low

Sources

Want to know what is going to be exploited?

We predict KEV entries!