CVE-2023-46604

ENISA EUVD: EUVD-2023-2719 ↗

Exploited in the Wild ✓ Confirmed 0-Day

Triaged: March 20, 2026 12 articles Published: 2023-10-27

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-23

94.44%

probability

This CVE has a 94.44% probability of being exploited in the next 30 days.

0% Top 100.0th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)

CRITICAL

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

Low

Integrity

High

Availability

High

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

Description

VulnerabilityLookup (CNA)

The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. Users are recommended to upgrade both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 which fixes this issue.

Affected Products

Apache Software Foundation

Apache ActiveMQ

5.18.0 5.17.0 5.16.0 0

Apache Software Foundation

Apache ActiveMQ Legacy OpenWire Module

5.18.0 5.17.0 5.16.0 5.8.0

apache

activemq

apache

activemq legacy openwire module

debian

debian linux

netapp

e-series santricity unified manager

netapp

e-series santricity web services proxy

Apache Software Foundation

Apache ActiveMQ

5.16.0 <5.16.7

Apache Software Foundation

Apache ActiveMQ Legacy OpenWire Module

5.8.0 <5.15.16

Apache Software Foundation

Apache ActiveMQ

5.18.0 <5.18.3

Apache Software Foundation

Apache ActiveMQ Legacy OpenWire Module

5.17.0 <5.17.6

Apache Software Foundation

Apache ActiveMQ Legacy OpenWire Module

5.16.0 <5.16.7

Apache Software Foundation

Apache ActiveMQ Legacy OpenWire Module

5.18.0 <5.18.3

Apache Software Foundation

Apache ActiveMQ

5.17.0 <5.17.6

Apache Software Foundation

Apache ActiveMQ

0 <5.15.16

Attack Intelligence

CWE-502 · Deserialization of Untrusted Data CWE-664 · Improper Control of a Resource Through its Lifetime CWE-913 · Improper Control of Dynamically-Managed Code Resources

Exploits & PoC

SaumyajeetDas/CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ

Achieving a Reverse Shell Exploit for Apache ActiveMQ (CVE_2023-46604)

127 2024-01-20

Catherines77/ActiveMQ-EXPtools

Apache ActiveMQ漏洞综合利用工具(CVE-2015-5254，CVE-2016-3088，CVE-2022-41678，CVE-2023-46604，CVE-2024-32114，CVE-2026-34197，CVE-2026-40466)

56 2026-05-15

Arlenhiack/ActiveMQ-RCE-Exploit

ActiveMQ RCE (CVE-2023-46604) 回显利用工具

43 2024-09-13

evkl1d/CVE-2023-46604

40 2023-11-06

trganda/ActiveMQ-RCE

CVE-2023-46604

29 2023-10-26

duck-sec/CVE-2023-46604-ActiveMQ-RCE-pseudoshell

This script leverages CVE-2023046604 (Apache ActiveMQ) to generate a pseudo shell. The vulnerability allows for remote code execution due to unsafe de

18 2024-01-24

justdoit-cai/CVE-2023-46604-Apache-ActiveMQ-RCE-exp

CVE-2023-46604 Apache ActiveMQ RCE exp 基于python

5 2023-11-08

vulncheck-oss/cve-2023-46604

A go-exploit for Apache ActiveMQ CVE-2023-46604

4 2025-02-17

h3x3h0g/ActiveMQ-RCE-CVE-2023-46604-Write-up

3 2023-11-09

NKeshawarz/CVE-2023-46604-RCE

3 2023-11-18

LiritoShawshark/CVE-2023-46604_ActiveMQ_RCE_Recurrence

CVE-2023-46604环境复现包

2 2023-11-16

dcm2406/CVE-Lab

Instructions for exploiting vulnerabilities CVE-2021-44228 and CVE-2023-46604

2 2024-03-20

mrpentst/CVE-2023-46604

Exploit for CVE-2023-46604

2 2024-02-24

RockyDesigne/SSP-Assignment-3-RCEYouLater

A PoC for CVE-2023-46604 written as part of SPS class for the Advanced Cyber Security master's at UPB.

2 2026-01-10

minhangxiaohui/ActiveMQ_CVE-2023-46604

1 2023-11-20

stegano5/ExploitScript-CVE-2023-46604

1 2024-02-14

pulentoski/CVE-2023-46604

El script explota una vulnerabilidad de deserialización insegura en Apache ActiveMQ (CVE-2023-46604)

1 2024-05-31

skrkcb2/CVE-2023-46604

1 2025-02-27

vaishnavucv/Project-Vuln-Detection-N-Mitigation_101

Vulnerability Detection and Mitigation Apache ActiveMQ | Security Architectures and Systems Administration - on - Apache ActiveMQ Deserialization Remo

1 2025-09-08

vjayant93/CVE-2023-46604-POC

POC repo for CVE-2023-46604

0 2023-11-16

CrackerCat/ActiveMQ_RCE_Pro_Max

CVE-2023-46604

0 2023-11-03

nitzanoligo/CVE-2023-46604-demo

0 2024-11-05

dcm2406/CVE-2023-46604

0 2023-12-21

Mudoleto/Broker_ApacheMQ

CVE-2023-46604 - ApacheMQ Version 5.15.5 Vulnerability Machine: Broker

0 2023-12-26

tomasmussi/activemq-cve-2023-46604

Repository to exploit CVE-2023-46604 reported for ActiveMQ

0 2025-01-21

thinkycx/activemq-rce-cve-2023-46604

activemq-rce-cve-2023-46604

0 2024-04-26

mranv/honeypot.rs

CVE-2023-46604 (Apache ActiveMQ RCE Vulnerability) and focused on getting Indicators of Compromise.

0 2024-07-22

cuanh2333/CVE-2023-46604

0 2024-12-15

CCIEVoice2009/CVE-2023-46604

0 2025-05-04

pavanaa4k/CVE-2023-46604-LAB

Detection, Exploit and Mitigation for CVE 2023 46604.

0 2025-11-15

sangrok-jeon/CVE-2023-46604-Analysis

Apache ActiveMQ OpenWire 역직렬화 RCE 취약점 기술 분석

0 2026-03-16

mkdemir/activemq-lockbit-analysis

Apache ActiveMQ (CVE-2023-46604) zafiyetinden LockBit ransomware aşamasına uzanan 419 saatlik sızma vakasının uçtan uca analizi, SIEM korelasyon kural

0 2026-03-30

Navya240/intel471-threat-hunting-cve-2023-46604

My first hands-on Intel 471 threat hunting workshop experience investigating CVE-2023-46604 using Elastic SIEM, vulnerability intelligence, and post-e

0 2026-04-30

KlaasStessens/CVE-2023-46604

Exploitation of CVE-2023-44604. Using a Kali Linux VM (attacker) and a Debian 11 server VM (victim)

0 2026-05-16

trnguyen03/activemq-ids-ips-lab

IDS/IPS lab for detecting and preventing Apache ActiveMQ RCE (CVE-2023-46604) using GVM, Nmap, Snort, iptables, and UFW.

0 2026-05-02

35 repos — triés par ⭐ Rechercher sur GitHub ↗

https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt

vendor-advisory

https://www.openwall.com/lists/oss-security/2023/10/27/5

https://security.netapp.com/advisory/ntap-20231110-0010/

https://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html

https://lists.debian.org/debian-lts-announce/2023/11/msg00013.html

http://seclists.org/fulldisclosure/2024/Apr/18

Signal Intelligence

Confidenceⓘ

92%

EPSS 94.44%

CVSS v3.1 10

Mentions 12

Last Seen Apr 21, 2026

CNA Information

CNA Assigner

apache

CNA Title

Apache ActiveMQ, Apache ActiveMQ Legacy OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a remote code execution (RCE) attack

Analyst Note

CVE-2023-46604 is a critical Apache ActiveMQ RCE vulnerability (CVSS 10.0) with multiple confirmed in-the-wild exploitation reports from mid-2023, including active malware deployment (GoTitan botnet, Kinsing, HelloKitty ransomware) before patches were widely available. The 'recently disclosed' language and rapid exploitation timeline confirm zero-day status.