CVE-2026-43866
Summary: A deserialization bypass affects Apache Camel JMS components (camel-jms, camel-sjms, and JMS-family such as camel-amqp/activemq) where ObjectMessage payloads are deserialized via ObjectMessage.getObject() when mapJmsMessage is enabled. Despite a post-deserialization class check intended ...