A critical RabbitMQ vulnerability (CVE-2026-5721) can expose OAuth secrets, threatening enterprise security. This flaw allows attackers to impersonate users and gain unauthorized access to sensitive information when the management port is accessible.
A vulnerability has been identified in RabbitMQ, a widely-used open source message broker, tracked as CVE-2026-5721. This issue can allow unauthorized access to the broker's OAuth secret through an unprotected management endpoint.
The CVSS score for this vulnerability is 8.7, indicating a high level of risk. It is particularly concerning for organizations where the management port is accessible from untrusted networks.
The flaw is found in an obsolete endpoint of RabbitMQβs management web interface that can return the OAuth secret without any authentication. Attackers who can access the management port can exploit this to impersonate the broker to identity providers.
If successful, they could retrieve administrator tokens, allowing control over user accounts, message flows, queues, and various broker settings. This becomes particularly critical where OAuth 2/OIDC providers such as Auth0, Azure AD, Keycloak, or UAA are used.
RabbitMQ instances are only vulnerable if they expose the management plugin with the secret configured, particularly in cloud or multi-tenant environments. If a client secret is not configured, the instance is not at risk. The vulnerability was patched in RabbitMQ versions 4.3.0, 4.2.6, 4.1.11, 4.0.20, and 3.13.15.
In addition to CVE-2026-5721, the update resolves CVE-2026-5722, a medium-severity flaw that allows authenticated users to enumerate queues and exchanges. This could enable attackers to gather intelligence on organizational activities and operations.
Organizations are advised to apply the updates immediately and restrict access to vulnerable deployments while finalizing the patches.
Organizations using RabbitMQ should ensure their deployments are patched to the latest versions to mitigate this vulnerability. They should also restrict the management interface from being exposed to the internet and implement network segmentation as additional protective measures.
Regular rotation of OAuth secrets is also recommended as a best practice to further protect against potential exploitation of this vulnerability.
β¨ This summary was generated by AI from the outlets' reporting listed below. It is not independently verified and may contain errors β check the original sources. How BrevFeed works β
A critical RabbitMQ vulnerability (CVE-2026-5721) can expose OAuth secrets, threatening enterprise security. This flaw allows attackers to impersonate users and gain unauthorized access to sensitive information when the management port is accessible.