CVE-2026-44839 exposes RabbitMQ management UI to cross-site scripting due to unsanitized vhost names, presenting significant risk to users.