The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns of active exploitation of the Apache ActiveMQ vulnerability (CVE-2026-34197). CISA added the vulnerability to its Known Exploited Vulnerabilities Catalog, urging users to patch before April 30, 2026. Successful exploitation of the vulnerability may allow an attacker to execute arbitrary code on vulnerable installations.