Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/05/25 10:36 p.m.12 views

CVE-2026-40473

A flaw was found in the camel-mina component of Apache Camel. This vulnerability allows a remote attacker to achieve arbitrary code execution by sending a specially crafted serialized Java object over the network to the MINA consumer port. The MinaConverter.toObjectInput type converter, used when...

8.8CVSS6.4AI score0.00926EPSS
Exploits2References5
Github Security Blog
Github Security Blog
added 2026/04/27 9:34 a.m.11 views

Camel-MINA Vulnerable to Deserialization of Untrusted Data

The camel-mina component's MinaConverter.toObjectInputIoBuffer type converter wraps an IoBuffer in a java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. When a Camel route uses camel-mina as a TCP or UDP consumer and requests conversion to ObjectInput f...

8.8CVSS6.3AI score0.00926EPSS
Exploits2References11Affected Software1
NVD
NVD
added 2026/04/27 9:16 a.m.7 views

CVE-2026-40473

The camel-mina component's MinaConverter.toObjectInputIoBuffer type converter wraps an IoBuffer in a java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. When a Camel route uses camel-mina as a TCP or UDP consumer and requests conversion to ObjectInput f...

8.8CVSS0.00926EPSS
Exploits2References5
ATTACKERKB
ATTACKERKB
added 2026/04/27 7:51 a.m.6 views

CVE-2026-40473

The camel-mina component's MinaConverter.toObjectInputIoBuffer type converter wraps an IoBuffer in a java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. When a Camel route uses camel-mina as a TCP or UDP consumer and requests conversion to ObjectInput f...

6.2AI score0.00926EPSS
Exploits2References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.13 views

PT-2026-35371

Name of the Vulnerable Software and Affected Versions Apache Camel versions 3.0.0 through 4.14.5 Apache Camel versions 4.15.0 through 4.18.1 Apache Camel versions 4.19.0 through 4.19.9 Description The camel-mina component contains a flaw in the MinaConverter.toObjectInputIoBuffer function where i...

9CVSS7.4AI score0.00926EPSS
Exploits2References24
Rows per page
Query Builder