Cyberwire Daily
Claude Discovers Apache ActiveMQ Bug Hidden for 13 Years

By Team-CWD, April 8, 2026

An AI-powered vulnerability-hunting effort helped security researchers discover a flaw in Apache ActiveMQ Classic that they claim was “hiding in plain sight” for over a decade.

Horizon3.ai chief architect Naveen Sunkavally explained in a blog post published on April 7 that the remote code execution (RCE) bug CVE-2026-34197 should be treated as a high priority by organizations running the open source message broker.

“An attacker can invoke a management operation through ActiveMQ’s Jolokia API to trick the broker into fetching a remote configuration file and running arbitrary OS commands,” he explained.

“The vulnerability requires credentials, but default credentials (admin:admin) are common in many environments. On some versions (6.0.0-6.1.1), no credentials are required at all due to another vulnerability, CVE-2024-32114, which inadvertently exposes the Jolokia API without authentication. In those versions, CVE-2026-34197 is effectively an unauthenticated RCE.”

CVE-2026-34197 was patched in ActiveMQ Classic versions 5.19.4 and 6.2.3, so it’s recommended that users update and ensure no default credentials are in use.

Organizations concerned they may have been compromised via the RCE bug should look in their ActiveMQ broker logs for network connector activity referencing vm:// URIs with brokerConfig=xbean:http.

Other indicators of compromise include:

  • POST requests to /api/jolokia/ containing addNetworkConnector in the request body
  • Outbound HTTP requests from the ActiveMQ broker process to unexpected hosts
  • Unexpected child processes spawned by the ActiveMQ Java process
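
As an added illustration (not code from Horizon3.ai or the Apache ActiveMQ project), the two log-based indicators above can be checked with a short script. The log layouts and sample lines are constructed assumptions, including a proxy or WAF log that records request bodies; adjust the patterns to the formats actually in use.

```python
import re
from urllib.parse import unquote

# Indicator strings come from the article; the log layouts are assumptions.
BROKER_IOC = re.compile(r"vm://\S*brokerConfig=xbean:http", re.IGNORECASE)
JOLOKIA_POST = re.compile(r'"POST\s+/api/jolokia/?\S*\s', re.IGNORECASE)
JOLOKIA_OP = "addnetworkconnector"


def normalize(line: str) -> str:
    """URL-decode up to twice so percent-encoding does not hide the URI."""
    for _ in range(2):
        line = unquote(line)
    return line


def scan(lines):
    """Return (line_number, indicator) for every line matching an indicator."""
    hits = []
    for n, raw in enumerate(lines, 1):
        line = normalize(raw)
        if BROKER_IOC.search(line):
            hits.append((n, "broker-log: vm:// URI with brokerConfig=xbean:http"))
        # Only POSTs to the Jolokia endpoint that name the operation count.
        if JOLOKIA_POST.search(line) and JOLOKIA_OP in line.lower():
            hits.append((n, "http-log: POST /api/jolokia/ with addNetworkConnector"))
    return hits


# Constructed sample lines (not real ActiveMQ output); hosts are reserved example names.
SAMPLE = [
    "2026-04-08 10:01:02 | INFO | Connector openwire started",
    "2026-04-08 10:03:17 | INFO | network connector "
    "vm://localhost?brokerConfig=xbean:http://host.example.invalid/...",
    '192.0.2.10 - admin "POST /api/jolokia/ HTTP/1.1" 200 body="...addNetworkConnector..."',
    '192.0.2.11 - admin "GET /api/jolokia/ HTTP/1.1" 200 body=""',
    "2026-04-08 10:09:40 | WARN | uri=vm%3A%2F%2Flocalhost%3FbrokerConfig%3Dxbean%3Ahttp%3A...",
]

if __name__ == "__main__":
    for n, why in scan(SAMPLE):
        print(f"line {n}: {why}")
```

The remaining two indicators (outbound HTTP from the broker and unexpected child processes of the ActiveMQ Java process) need network and process telemetry rather than log text, so they are outside what this script covers.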

AI Finds the Flaw

The discovery of CVE-2026-34197 was “80% Claude,” Anthropic’s AI, and “20% gift-wrapping by a human,” Sunkavally explained.

“These days I always use Claude to take a first pass at source code for vulnerability hunting. I prompt it lightly and set up a target on the network for it to validate findings,” he said.

“A lot of the time, Claude finds interesting stuff but it doesn’t quite rise to the level of a CVE I’d bother reporting. In this case, it did a great job, with nothing more than a couple of basic prompts.”

The flaw had lain hidden for 13 years partly because it involved multiple components developed independently over that time, Sunkavally said. In isolation, each feature looked fine, but they became dangerous when chained together.

“This is exactly where Claude shone – efficiently stitching together this path end to end with a clear head free of assumptions,” he continued. “Something that would have probably taken me a week manually took Claude 10 minutes.”

Sunkavally urged appsec engineers and developers to use tools like Claude in their work, claiming that “anyone with a security background can take advantage.”


