Is RabbitMQ affected by CVE-2025-26618? #13484
-
Describe the bugI am using Rabbitmq v4.0.5 and OTP v27.2.2. CVE-2025-26618 is reported in various versions of OTP and v27.2.2 is also affected. For more details refer : https://nvd.nist.gov/vuln/detail/CVE-2025-26618 Is RabbitMQ affected by this CVE ? If yes, please provide the details. Reproduction stepsRefer : https://nvd.nist.gov/vuln/detail/CVE-2025-26618 Expected behaviorRabbitmq should not be affected by the reported vulnerability in OTP. Additional contextNo response |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
@nikita96 please never ever file issues for questions in the repos where Discussions are enabled. RabbitMQ does not use SFTP or SSH, and will run on any compatible version of Erlang/OTP. So you can run it on a patched version, even though RabbitMQ specifically does not use the affected components. |
Beta Was this translation helpful? Give feedback.
@nikita96 please never ever file issues for questions in the repos where Discussions are enabled.
RabbitMQ does not use SFTP or SSH, and will run on any compatible version of Erlang/OTP. So you can run it on a patched version, even though RabbitMQ specifically does not use the affected components.