A recently exposed vulnerability in Apache ActiveMQ Classic, designated as CVE-2026-34197, is being actively exploited by attackers. This vulnerability, which has been part of the software's code for 13 years, allows authenticated users to execute arbitrary code through the Jolokia API. The vulnerability was patched with the release of versions 5.19.5 and 6.2.3. Despite requiring authentication, many Apache ActiveMQ instances are at risk due to the use of default credentials that are widely known. An additional concern is the potential for CVE-2026-34197 to be combined with another older vulnerability, CVE-2024-32114, to achieve unauthenticated remote code execution. The Cybersecurity and Infrastructure Security Agency (CISA) has added this vulnerability to its Known Exploited Vulnerabilities catalog and has mandated federal agencies to apply the patch by April 30. Although specific attack details remain elusive, Fortinet has reported numerous exploitation attempts recently. Organizations using Apache ActiveMQ should act promptly to secure their systems by upgrading and changing credentials.