CVE-2026-42402
CVE-2026-42402 describes a Denial of Service in Apache Neethi due to algorithmic complexity in policy normalization. Crafted WS-Policy documents can trigger an exponential Cartesian cross-product expansion, causing unbounded memory growth and JVM heap exhaustion during normalization when too many...