Auth bypass in Rabbitmq Rabbitmq-server

CVE-2026-57218

RabbitMQ is a messaging and streaming broker. Prior to 4.2.6, RabbitMQ AMQP 0-9-1 allows an existing consumer to keep receiving messages after OAuth token expiry or connection.update_secret refresh to reduced scopes because existing consum…

Vulnerability class: Broken Access Control

Affected products

Weakness classification (CWE)

References