CVE-2026-41409 Apache MINA: CWE-502 Deserialization of Untrusted Data

The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject was incomplete. The classname allowlist of classes allowed to be deserialized was applied too late after a static initializer in a class to be read might already have been executed. Affected versions are Apache MINA 2.0.0 =...

CVE-2026-40048

The Camel-PQC FileBasedKeyLifecycleManager class deserializes the contents of .key files in the configured key directory using java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. The cast to java.security.KeyPair is evaluated only after readObject has...

CVE-2026-41635

Apache MINA's AbstractIoBuffer.resolveClass contains two branches, one of them for static classes or primitive types does not check the class at all, bypassing the classname allowlist and allowing arbitrary code to be executed. The fix checks if the class is present in the accepted class...

xss

CSS Style Sheet Mutation alert"This is a test" alert"...

CVE-2026-40860 Apache Camel: Unsafe Deserialization of JMS ObjectMessage in camel-jms, camel-sjms, camel-sjms2 and camel-amqp

JmsBinding.extractBodyFromJms in camel-jms, and the equivalent JmsBinding class in camel-sjms, deserialized the payload of incoming JMS ObjectMessage values via javax.jms.ObjectMessage.getObject without applying any ObjectInputFilter, class allowlist or class denylist. Because this code path is...

CVE-2026-40860 Apache Camel: Unsafe Deserialization of JMS ObjectMessage in camel-jms, camel-sjms, camel-sjms2 and camel-amqp

JmsBinding.extractBodyFromJms in camel-jms, and the equivalent JmsBinding class in camel-sjms, deserialized the payload of incoming JMS ObjectMessage values via javax.jms.ObjectMessage.getObject without applying any ObjectInputFilter, class allowlist or class denylist. Because this code path is...

CVE-2026-40048

The Camel-PQC FileBasedKeyLifecycleManager class deserializes the contents of .key files in the configured key directory using java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. The cast to java.security.KeyPair is evaluated only after readObject has...

EUVD-2026-25790

The Camel-PQC FileBasedKeyLifecycleManager class deserializes the contents of .key files in the configured key directory using java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. The cast to java.security.KeyPair is evaluated only after readObject has...

CVE-2026-40473 Apache Camel Mina: Unsafe Deserialization in MinaConverter.toObjectInput() via TCP/UDP

The camel-mina component's MinaConverter.toObjectInputIoBuffer type converter wraps an IoBuffer in a java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. When a Camel route uses camel-mina as a TCP or UDP consumer and requests conversion to ObjectInput f...

EUVD-2026-25792

The camel-mina component's MinaConverter.toObjectInputIoBuffer type converter wraps an IoBuffer in a java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. When a Camel route uses camel-mina as a TCP or UDP consumer and requests conversion to ObjectInput f...

CVE-2026-40473

The CVE-2026-40473 issue affects the camel-mina MinaConverter.toObjectInput(IoBuffer) by wrapping an IoBuffer in a java.io.ObjectInputStream without ObjectInputFilter or class-loading restrictions. Affected: Apache Camel before certain fixed releases (3.0.0–4.14.6, 4.15.0–4.18.2, 4.19.0–4.20.0). ...

PT-2026-35387

Name of the Vulnerable Software and Affected Versions Apache MINA versions 2.0.0 through 2.0.27 Apache MINA versions 2.1.0 through 2.1.10 Apache MINA versions 2.2.0 through 2.2.5 Description An issue exists in the getObject function of the AbstractIoBuffer class due to an incomplete deserializati...

PT-2026-35405

Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, leading to a crash when accessing an invalid pointer during page information...

PT-2026-35369

The Camel-PQC FileBasedKeyLifecycleManager class deserializes the contents of .key files in the configured key directory using java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. The cast to java.security.KeyPair is evaluated only after readObject has...

PT-2026-35372

JmsBinding.extractBodyFromJms in camel-jms, and the equivalent JmsBinding class in camel-sjms, deserialized the payload of incoming JMS ObjectMessage values via javax.jms.ObjectMessage.getObject without applying any ObjectInputFilter, class allowlist or class denylist. Because this code path is...

PT-2026-35373

Name of the Vulnerable Software and Affected Versions Apache MINA versions 2.0.0 through 2.0.27 Apache MINA versions 2.1.0 through 2.1.10 Apache MINA versions 2.2.0 through 2.2.5 Description A flaw in the resolveClass function of AbstractIoBuffer allows a bypass of the classname allowlist for...

DETOUR: A Practical Backdoor Attack against Object Detection

Object detection OD is critical to real-world vision systems, yet existing backdoor attacks on detection transformers DETRs for OD tasks rely on patch-wise triggers optimized at fixed locations with minimal perturbations. Such attacks overlook that backdoor triggers in the real world may appear a...

Apache Camel 代码问题漏洞

Apache Camel is an open-source integration framework based on the Enterprise Integration Pattern EIP, developed by the Apache Foundation in the United States. This framework provides implementations of Java objects following the EIP pattern, and routing and mediation rules are configured through...

ProjeQtOr 安全漏洞

ProjeQtOr is a project management software developed by the French company ProjeQtOr. Versions 7.0 to 12.4.3 of ProjeQtOr contain security vulnerabilities. These vulnerabilities stem from a lack of authorization verification at the objectDetail.php endpoint, which may lead to the retrieval of...

PT-2026-35402

Calling a function that triggers a UI refresh after removing comments via a script may access an invalidated object, leading to program crashes...