org.apache.camel/camel-infinispan: Apache Camel camel-infinispan: Arbitrary code execution via deserialization of untrusted data

A flaw was found in the camel-infinispan component of Apache Camel. A remote attacker, with the ability to write to the Infinispan cache, can inject a specially crafted serialized Java object. When this object is deserialized during normal aggregation repository operations, it can lead to arbitra...

camel-infinispan: camel-infinispan: Remote Code Execution via Unsafe Deserialization

A flaw was found in camel-infinispan. This vulnerability involves unsafe deserialization in the ProtoStream remote aggregation repository. A remote attacker with low privileges could exploit this by sending specially crafted data, leading to arbitrary code execution. This allows the attacker to...

Unity Linux 20.1070e Security Update: infinispan (UTSA-2026-016716)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016716 advisory. It was found that the Hotrod client in Infinispan before 9.2.0.CR1 would unsafely read deserialized data on information from the cache. An authenticated attacker cou...

Unity Linux 20.1070e Security Update: infinispan (UTSA-2026-016712)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016712 advisory. The hotrod java client in infinispan before 9.1.0.Final automatically deserializes bytearray message contents in certain events. A malicious user could exploit this...

camel-infinispan: camel-infinispan: Remote Code Execution via Unsafe Deserialization

A flaw was found in camel-infinispan. This vulnerability involves unsafe deserialization in the ProtoStream remote aggregation repository. A remote attacker with low privileges could exploit this by sending specially crafted data, leading to arbitrary code execution. This allows the attacker to...

org.apache.camel/camel-infinispan: Apache Camel camel-infinispan: Arbitrary code execution via deserialization of untrusted data

A flaw was found in the camel-infinispan component of Apache Camel. A remote attacker, with the ability to write to the Infinispan cache, can inject a specially crafted serialized Java object. When this object is deserialized during normal aggregation repository operations, it can lead to arbitra...

GHSA-MJ4R-2HFC-F8P6 vulnerabilities

Vulnerabilities for packages: spark, keycloak, apache-nifi, opensearch, docker-selenium, thingsboard, zipkin, wildfly, logstash, druid, wavefront-proxy, apache-activemq-artemis, selenium, apache-pulsar, trino, akhq, zookeeper, infinispan, kserve-modelmesh, management-api-for-apache-cassandra-5.0,...

CVE-2026-42583 vulnerabilities

Vulnerabilities for packages: spark, keycloak, apache-nifi, opensearch, docker-selenium, thingsboard, zipkin, wildfly, logstash, druid, wavefront-proxy, apache-activemq-artemis, selenium, apache-pulsar, trino, akhq, zookeeper, infinispan, kserve-modelmesh, management-api-for-apache-cassandra-5.0,...

CVE-2026-42587 vulnerabilities

Vulnerabilities for packages: spark, keycloak, apache-nifi, opensearch, docker-selenium, thingsboard, zipkin, wildfly, logstash, druid, wavefront-proxy, apache-activemq-artemis, selenium, apache-pulsar, trino, akhq, infinispan, kserve-modelmesh, management-api-for-apache-cassandra-5.0, neo4j,...

GHSA-XXQH-MFJM-7MV9 vulnerabilities

Vulnerabilities for packages: spark, keycloak, apache-nifi, opensearch, docker-selenium, thingsboard, zipkin, logstash, druid, wavefront-proxy, apache-activemq-artemis, selenium, apache-pulsar, trino, akhq, infinispan, kserve-modelmesh, management-api-for-apache-cassandra-5.0, neo4j,...

GHSA-57RV-R2G8-2CJ3 vulnerabilities

Vulnerabilities for packages: spark, keycloak, apache-nifi, opensearch, docker-selenium, thingsboard, zipkin, logstash, druid, wavefront-proxy, apache-activemq-artemis, selenium, apache-pulsar, trino, akhq, infinispan, kserve-modelmesh, management-api-for-apache-cassandra-5.0, neo4j,...

GHSA-M4CV-J2PX-7723 vulnerabilities

Vulnerabilities for packages: spark, keycloak, apache-nifi, opensearch, docker-selenium, thingsboard, zipkin, logstash, druid, wavefront-proxy, apache-activemq-artemis, selenium, apache-pulsar, trino, akhq, infinispan, kserve-modelmesh, management-api-for-apache-cassandra-5.0, neo4j,...

CVE-2026-42581 vulnerabilities

Vulnerabilities for packages: spark, keycloak, apache-nifi, opensearch, docker-selenium, thingsboard, zipkin, logstash, druid, wavefront-proxy, apache-activemq-artemis, selenium, apache-pulsar, trino, akhq, infinispan, kserve-modelmesh, management-api-for-apache-cassandra-5.0, neo4j,...

CVE-2026-42585 vulnerabilities

Vulnerabilities for packages: spark, keycloak, apache-nifi, opensearch, docker-selenium, thingsboard, zipkin, logstash, druid, wavefront-proxy, apache-activemq-artemis, selenium, apache-pulsar, trino, akhq, infinispan, kserve-modelmesh, management-api-for-apache-cassandra-5.0, neo4j,...

GHSA-38F8-5428-X5CV vulnerabilities

Vulnerabilities for packages: spark, keycloak, apache-nifi, opensearch, docker-selenium, thingsboard, zipkin, logstash, druid, wavefront-proxy, apache-activemq-artemis, selenium, apache-pulsar, trino, akhq, infinispan, kserve-modelmesh, management-api-for-apache-cassandra-5.0, neo4j,...

GHSA-F6HV-JMP6-3VWV vulnerabilities

Vulnerabilities for packages: spark, keycloak, apache-nifi, opensearch, docker-selenium, thingsboard, zipkin, wildfly, logstash, druid, wavefront-proxy, apache-activemq-artemis, selenium, apache-pulsar, trino, akhq, infinispan, kserve-modelmesh, management-api-for-apache-cassandra-5.0, neo4j,...

CVE-2026-42584 vulnerabilities

Vulnerabilities for packages: spark, keycloak, apache-nifi, opensearch, docker-selenium, thingsboard, zipkin, logstash, druid, wavefront-proxy, apache-activemq-artemis, selenium, apache-pulsar, trino, akhq, infinispan, kserve-modelmesh, management-api-for-apache-cassandra-5.0, neo4j,...

CVE-2026-42580 vulnerabilities

Vulnerabilities for packages: spark, keycloak, apache-nifi, opensearch, docker-selenium, thingsboard, zipkin, logstash, druid, wavefront-proxy, apache-activemq-artemis, selenium, apache-pulsar, trino, akhq, infinispan, kserve-modelmesh, management-api-for-apache-cassandra-5.0, neo4j,...

CVE-2026-42579 vulnerabilities

Vulnerabilities for packages: spark, druid, flyway, keycloak, management-api-for-apache-cassandra-5.0, akhq, apache-nifi, strimzi-kafka-operator, apicurio-registry, apache-pulsar, tez, infinispan, opensearch, thingsboard, zipkin, wildfly, trino...

GHSA-CM33-6792-R9FM vulnerabilities

Vulnerabilities for packages: spark, druid, flyway, keycloak, management-api-for-apache-cassandra-5.0, akhq, apache-nifi, strimzi-kafka-operator, apicurio-registry, apache-pulsar, tez, infinispan, opensearch, thingsboard, zipkin, wildfly, trino...