CVE-2026-46588
- EPSS 0.4%
- Veröffentlicht 06.07.2026 09:36:25
- Zuletzt bearbeitet 08.07.2026 14:38:22
Improper Input Validation vulnerability in Apache Camel. This issue affects Apache Camel: through 4.14.7, from 4.15.0 through 4.18.2, from 4.19.0 through 4.20.0. Users are recommended to upgrade to version 4.14.8, 4.18.3, 4.21.0, which fixes the is...
CVE-2026-46587
- EPSS 0.4%
- Veröffentlicht 06.07.2026 09:35:31
- Zuletzt bearbeitet 08.07.2026 14:38:17
Improper Input Validation vulnerability in Apache Camel. This issue affects Apache Camel: through 4.14.7, from 4.15.0 through 4.18.2, from 4.19.0 through 4.20.0. Users are recommended to upgrade to version 4.14.8, 4.18.3, 4.21.0, which fixes the is...
CVE-2026-49042
- EPSS 0.4%
- Veröffentlicht 06.07.2026 09:34:48
- Zuletzt bearbeitet 08.07.2026 14:38:10
Improper Input Validation vulnerability in Apache Camel. This issue affects Apache Camel: from 4.8.0 through 4.18.2, from 4.19.0 through 4.20.0. Users are recommended to upgrade to version 4.18.3, 4.21.0, which fixes the issue.
CVE-2026-43866
- EPSS 0.5%
- Veröffentlicht 06.07.2026 08:35:04
- Zuletzt bearbeitet 07.07.2026 23:35:44
Deserialization of Untrusted Data vulnerability in Apache Camel, Apache Camel JMS component. JmsBinding.extractBodyFromJms() in camel-jms - and the equivalent JmsBinding in camel-sjms - deserializes the payload of an incoming JMS ObjectMessage via j...
CVE-2026-43867
- EPSS 0.69%
- Veröffentlicht 06.07.2026 08:24:10
- Zuletzt bearbeitet 07.07.2026 23:33:09
Deserialization of Untrusted Data vulnerability in Apache Camel PQC Component. The camel-pqc component persists post-quantum key metadata (KeyMetadata) through pluggable KeyLifecycleManager implementations. AwsSecretsManagerKeyLifecycleManager.deser...
CVE-2026-56140
- EPSS 0.31%
- Veröffentlicht 06.07.2026 08:16:00
- Zuletzt bearbeitet 09.07.2026 13:02:06
Improper Input Validation vulnerability in Apache Camel AWS SNS component. The camel-aws2-sns component filters Camel headers through a component-specific HeaderFilterStrategy, Sns2HeaderFilterStrategy. Like the sibling Sqs2HeaderFilterStrategy, it...
CVE-2026-56139
- EPSS 0.36%
- Veröffentlicht 06.07.2026 08:15:08
- Zuletzt bearbeitet 09.07.2026 03:03:18
Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Undertow Component. The camel-undertow HTTP server consumer exposes a muteException option that controls what is returned to the client when a route processin...
CVE-2026-55994
- EPSS 0.4%
- Veröffentlicht 06.07.2026 08:13:59
- Zuletzt bearbeitet 09.07.2026 03:03:31
Improper Input Validation, Exposure of Sensitive Information to an Unauthorized Actor, Server-Side Request Forgery (SSRF) vulnerability in Apache Camel in Iggy component. The camel-iggy consumer mapped the user-headers of inbound Iggy messages into ...
CVE-2026-55993
- EPSS 0.54%
- Veröffentlicht 06.07.2026 08:13:24
- Zuletzt bearbeitet 09.07.2026 03:03:47
Improper Input Validation, Exposure of Sensitive Information to an Unauthorized Actor, Server-Side Request Forgery (SSRF) vulnerability in Apache Camel in Atmosphere Websocket Component. The camel-atmosphere-websocket consumer mapped inbound WebSock...
CVE-2026-53913
- EPSS 0.62%
- Veröffentlicht 06.07.2026 08:12:32
- Zuletzt bearbeitet 09.07.2026 03:03:58
Improper Authentication, Missing Authentication for Critical Function, Not Failing Securely ('Failing Open') vulnerability in Apache Camel Keycloak Component. The KeycloakSecurityPolicy of camel-keycloak guards a route by running KeycloakSecurityPro...