CVE-2026-57211 in RabbitMQinfo

Zusammenfassung

von MITRE • 10.07.2026

RabbitMQ is a messaging and streaming broker. Prior to 4.1.11 and 4.2.6 on Windows, the RabbitMQ management plugin static file handler rabbit_mgmt_wm_static can pass URL-encoded backslashes to erl_prim_loader:read_file_info before path validation when multiple management extension plugins are enabled, causing outbound DNS and SMB requests to attacker-controlled UNC paths. This issue is fixed in versions 4.1.11 and 4.2.6.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Zuständig

GitHub M

Reservieren

24.06.2026

Veröffentlichung

10.07.2026

Moderieren

akzeptiert

Eintrag

VDB-377626

CPE

bereit

EPSS

0.00000

KEV

nein

Aktivitäten

very low

Quellen

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!