Lucene search
K

4 matches found

NVD
NVD
added 6 hours ago6 views

CVE-2026-43865

Deserialization of Untrusted Data vulnerability in Apache Camel Hazelcast component. The camel-hazelcast component creates and manages Hazelcast instances using a default configuration that applies no Java deserialization filter. When Camel builds the Hazelcast Config itself - that is, when no...

Exploits0References2
Cvelist
Cvelist
added 7 hours ago6 views

CVE-2026-43865 Apache Camel: Camel-Hazelcast: Unsafe Java deserialization in default-configured managed Hazelcast instances enables remote code execution

Deserialization of Untrusted Data vulnerability in Apache Camel Hazelcast component. The camel-hazelcast component creates and manages Hazelcast instances using a default configuration that applies no Java deserialization filter. When Camel builds the Hazelcast Config itself - that is, when no...

Exploits0References1
ATTACKERKB
ATTACKERKB
added 7 hours ago2 views

CVE-2026-43865

Deserialization of Untrusted Data vulnerability in Apache Camel Hazelcast component. The camel-hazelcast component creates and manages Hazelcast instances using a default configuration that applies no Java deserialization filter. When Camel builds the Hazelcast Config itself - that is, when no...

6.3AI score
Exploits0References2Affected Software1
CVE
CVE
added 7 hours ago6 views

CVE-2026-43865

CVE-2026-43865 : In Apache Camel’s Hazelcast component, default Hazelcast instance creation can deserialize untrusted data via ObjectInputStream.readObject because no JavaSerializationFilter is applied by default in Camel’s generated Config. This enables remote code execution when an attacker can...

6.3AI score
Exploits0References2
Rows per page
Query Builder