{"data":{"id":"176ca57c-5002-4f40-8f4f-53bc133ae696","title":"Claude uncovers a 13‑year‑old ActiveMQ RCE bug within minutes","summary":"Claude, an AI assistant, discovered a critical remote code execution (RCE, where an attacker can run commands on a system they don't own) vulnerability in Apache ActiveMQ that had gone undetected for 13 years. The bug allows attackers to trick ActiveMQ's management API into loading a malicious file from the internet and executing arbitrary commands, especially if default login credentials are still in use. Claude identified the complete exploit chain in about 10 minutes, a task that would have taken a human researcher roughly a week.","solution":"CVE-2026-34197 has been addressed in newer ActiveMQ Classic releases (version 6.2.3 and 5.19.4). Users must upgrade to these patched versions to be protected.","labels":["security","research"],"sourceUrl":"https://www.csoonline.com/article/4157146/claude-uncovers-a-13%e2%80%91year%e2%80%91old-activemq-rce-bug-within-minutes.html","publishedAt":"2026-04-10T11:39:26.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":[],"issueType":"news","affectedPackages":null,"affectedVendors":["Anthropic"],"affectedVendorsRaw":["Anthropic","Claude","Apache ActiveMQ"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-04-10T11:39:26.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity","availability"],"aiComponentTargeted":null,"llmSpecific":true,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}