TLS Hostname Verification Vulnerability in OpenStack's Messaging Driver
CVE-2026-44393

7.4 HIGH

Key Information:

Vendor: OpenStack
CVE Published: 4 June 2026

What is CVE-2026-44393?

A vulnerability exists in OpenStack's oslo.messaging library, specifically in its RabbitMQ driver: TLS hostname verification is skipped on connections to the message broker. When ssl_ca_file is set, the driver validates the broker's certificate chain against that CA but never checks that the certificate was issued for the broker hostname it is connecting to. Chain validation alone only proves that the trusted CA signed the certificate; the hostname check is what binds that certificate to the intended peer, so without it any certificate issued by the deployment's CA, for any hostname, is accepted. An attacker holding such a certificate (for example one issued to any other node the same CA serves) who can get on the path between a service and the broker can impersonate the RabbitMQ broker and mount a man-in-the-middle attack on both the RPC and the notification channels, reading and altering control-plane traffic. All OpenStack services that use oslo.messaging with RabbitMQ over TLS are affected.
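The distinction the description draws, chain validation with and without a hostname check, in runnable form. This is an added illustration written for this page, not oslo.messaging's driver code or its fix. The certificates are constructed dicts in the shape ssl.SSLSocket.getpeercert() returns, the hostnames rabbit01.ctlplane.example and compute07.ctlplane.example are made up, and hostname_matches, broker_accepted, verify_broker_peer and broker_ssl_context are names chosen here. The matching rules follow RFC 6125 (DNS and IP SAN entries, a single wildcard only as the whole leftmost label, CN consulted only when there is no SAN), which is the same step the standard library performs when check_hostname is left enabled on a client context.

```python
"""Chain validation versus hostname verification on a broker connection.

Added illustration for this advisory, not oslo.messaging code.  The
certificate dicts are constructed in the shape ssl.SSLSocket.getpeercert()
returns; no keys or real chains are involved and every hostname is made up.
"""
import ipaddress
import ssl

# The legitimate broker's certificate (constructed).
BROKER_CERT = {
    "subject": ((("commonName", "rabbit01.ctlplane.example"),),),
    "subjectAltName": (("DNS", "rabbit01.ctlplane.example"),),
}
# Another certificate from the same deployment CA (constructed): the chain
# validates just as well, but it was issued to a different host.
COMPUTE_NODE_CERT = {
    "subject": ((("commonName", "compute07.ctlplane.example"),),),
    "subjectAltName": (("DNS", "compute07.ctlplane.example"),),
}
# A wildcard certificate (constructed), to exercise the one-label wildcard rule.
WILDCARD_CERT = {
    "subject": ((("commonName", "*.ctlplane.example"),),),
    "subjectAltName": (("DNS", "*.ctlplane.example"),),
}


def _dns_name_matches(pattern, hostname):
    """RFC 6125 style comparison of one certificate DNS name with a hostname.

    Case-insensitive.  A single '*' is accepted only as the entire leftmost
    label and only with at least two labels after it, so '*.example' and
    'rab*.ctlplane.example' never match anything.
    """
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    if p_labels[0] != "*" or len(p_labels) < 3 or len(p_labels) != len(h_labels):
        return False
    return p_labels[1:] == h_labels[1:]


def hostname_matches(cert, hostname):
    """True when the certificate was issued for `hostname`.

    An IP target is compared with 'IP Address' SAN entries, a DNS target with
    'DNS' SAN entries; the subject CN is used only if there is no SAN at all.
    """
    san = cert.get("subjectAltName", ())
    try:
        target_ip = ipaddress.ip_address(hostname)
    except ValueError:
        target_ip = None
    if target_ip is not None:
        return any(ipaddress.ip_address(v) == target_ip
                   for k, v in san if k == "IP Address")
    if san:
        return any(_dns_name_matches(v, hostname) for k, v in san if k == "DNS")
    cns = [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]
    return any(_dns_name_matches(v, hostname) for v in cns)


def broker_accepted(cert, hostname, check_hostname):
    """Decision taken after the chain already validated against ssl_ca_file.

    check_hostname=False models the vulnerable driver: the chain alone decides,
    so every certificate the deployment CA issued is accepted.  True models the
    hardened path, which also binds the chain to the configured broker name.
    """
    if not check_hostname:
        return True
    return hostname_matches(cert, hostname)


def verify_broker_peer(cert, hostname):
    """Hardened check in the form the ssl module uses: raise on mismatch."""
    if not hostname_matches(cert, hostname):
        raise ssl.CertificateError(
            "hostname %r doesn't match certificate names" % hostname)
    return True


def broker_ssl_context(ca_file=None, check_hostname=True):
    """Client context for the broker connection.

    CERT_REQUIRED plus the loaded CA gives chain validation; check_hostname=True
    is what makes the ssl module run the name check against the real peer cert.
    The flag is a parameter only so the weak setting can be compared; keep it True.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.check_hostname = check_hostname
    if ca_file:
        ctx.load_verify_locations(cafile=ca_file)
    return ctx


if __name__ == "__main__":
    target = "rabbit01.ctlplane.example"
    for name, cert in (("broker", BROKER_CERT), ("compute node", COMPUTE_NODE_CERT)):
        print("%-12s chain-only: %s  with hostname check: %s" % (
            name, broker_accepted(cert, target, False),
            broker_accepted(cert, target, True)))
```

When auditing a deployment, the question to ask of whatever SSL context the client library ends up with is the one broker_ssl_context makes explicit: verify_mode must be CERT_REQUIRED with the deployment CA loaded, and check_hostname must be True. A context that loads the CA but leaves the hostname check off reproduces the vulnerable behaviour exactly, and a certificate from any other node the same CA has issued to is enough to exploit it.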

CVSS v3.1

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Score: 7.4
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: None
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability reserved

  • Vulnerability published: 4 June 2026