Security · 1h ago
RabbitMQ Flaws Expose OAuth Secrets, Risk Cross-Tenant Data Leaks
Two access control flaws in RabbitMQ could leak OAuth client secrets and expose cross-tenant queue metadata. Discovered by Miggo, the vulnerabilities allow attackers to bypass tenant boundaries and compromise enterprise messaging infrastructure. Patches are available; users should update immediately.
Meridian48 take
While RabbitMQ is widely used, these flaws underscore how easily message brokers can become a weak link in enterprise security if access controls aren't rigorously audited.
Read the full reporting
RabbitMQ Flaws Could Leak OAuth Secrets and Expose Cross-Tenant Queue Metadata →
The Hacker News
rabbitmqoauth-secrets