CVE-2026-49365
- EPSS 0.36%
- Veröffentlicht 06.07.2026 08:11:49
- Zuletzt bearbeitet 09.07.2026 03:04:17
Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Netty HTTP component. The camel-netty-http HTTP server consumer exposes a muteException option that controls what is returned to the client when a route proce...
CVE-2026-49099
- EPSS 0.34%
- Veröffentlicht 06.07.2026 08:11:30
- Zuletzt bearbeitet 08.07.2026 03:10:36
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), Authorization Bypass Through User-Controlled Key vulnerability in Apache Camel Salesforce Component. The camel-salesforce producer resolves its opera...
CVE-2026-49098
- EPSS 0.39%
- Veröffentlicht 06.07.2026 08:10:43
- Zuletzt bearbeitet 08.07.2026 03:11:33
Improper Input Validation, Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Apache Camel Kafka Component. The camel-kafka producer can override its configured target topic at runtime...
CVE-2026-49097
- EPSS 0.43%
- Veröffentlicht 06.07.2026 08:10:26
- Zuletzt bearbeitet 08.07.2026 03:12:14
Improper Input Validation, Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Apache Camel IRC component. The camel-irc producer chooses the destination of an outgoing IRC message from...
CVE-2026-49086
- EPSS 0.43%
- Veröffentlicht 06.07.2026 08:10:06
- Zuletzt bearbeitet 08.07.2026 14:53:56
Improper Input Validation, Unintended Proxy or Intermediary ('Confused Deputy') vulnerability in Apache Camel DAPR component. The camel-dapr Dapr Pub/Sub consumer (DaprPubSubConsumer) copied two fields from each inbound CloudEvent - its Pub/Sub comp...
CVE-2026-48206
- EPSS 0.35%
- Veröffentlicht 06.07.2026 08:09:09
- Zuletzt bearbeitet 08.07.2026 03:14:18
Improper Input Validation, Authorization Bypass Through User-Controlled Key vulnerability in Apache Camel JIRA component. The camel-jira producers read their operation parameters - the issue key, project key, transition id, summary, type, assignee, ...
CVE-2026-48205
- EPSS 0.37%
- Veröffentlicht 06.07.2026 08:08:19
- Zuletzt bearbeitet 08.07.2026 03:14:28
Improper Input Validation, Server-Side Request Forgery (SSRF) vulnerability in Apache Camel DNS component. The camel-dns producers read DNS operation parameters - the resolver to query, the name or domain to look up, the record type and class, and t...
CVE-2026-48204
- EPSS 0.45%
- Veröffentlicht 06.07.2026 08:06:52
- Zuletzt bearbeitet 08.07.2026 03:14:37
Improper Input Validation, Improper Access Control vulnerability in Apache Camel in Camel Mongodb Gridfs component. The camel-mongodb-gridfs producer selects the GridFS operation to perform from the gridfs.operation Exchange header when the endpoint...
CVE-2026-48203
- EPSS 0.37%
- Veröffentlicht 06.07.2026 08:06:22
- Zuletzt bearbeitet 08.07.2026 03:14:47
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), Improper Input Validation, Server-Side Request Forgery (SSRF) vulnerability in Apache Camel Solr component. The camel-solr producer copies Exchange m...
CVE-2026-46726
- EPSS 0.54%
- Veröffentlicht 06.07.2026 08:05:40
- Zuletzt bearbeitet 08.07.2026 14:54:13
Improper Input Validation, Exposure of Sensitive Information to an Unauthorized Actor, Server-Side Request Forgery (SSRF) vulnerability in Apache Camel in Vertx Websocket component. The camel-vertx-websocket consumer mapped inbound WebSocket query a...