Where
-Infinity
0

Trending

Last week
Last month
Last year

Apache CamelWhen authentication is enabled on the Apache Camel embedded HTTP server or embedded management serve…

Risk 33
Severity
7
First published (updated )
REDHAT-BUG-2463178

Apache CamelThe fix for CVE-2025-27636 added setLowerCase(true) to HttpHeaderFilterStrategy so that case-variant…

Risk 83
First published (updated )
REDHAT-BUG-2463173

Apache CamelApache Camel: Unsafe Deserialization of JMS ObjectMessage in camel-jms, camel-sjms, camel-sjms2 and camel-amqp

Risk 91
Severity
9.8
First published (updated )
CVE-2026-40860

Apache CamelApache Camel: Camel-Infinispan: Unsafe Deserialization in Remote Aggregation Repository

Risk 84
Severity
8.8
First published (updated )
CVE-2026-40858

Apache CamelApache Camel Mina: Unsafe Deserialization in MinaConverter.toObjectInput() via TCP/UDP

Risk 83
Severity
8.8
First published (updated )
CVE-2026-40473
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache CamelApache Camel JMS, Apache Camel CoAP, Apache Camel Google PubSub: Incomplete fix for CVE-2025-27636 in non-HTTP HeaderFilterStrategies (camel-jms, camel-sjms, camel-coap, camel-google-pubsub) allows case-variant header injection

Risk 88
Severity
9.9
Trending
Month
First published (updated )
CVE-2026-40453

Apache CamelApache Camel PQC: Unsafe Deserialization from FileBasedKeyLifecycleManager

Risk 73
Severity
7.8
First published (updated )
CVE-2026-40048

Apache CamelApache Camel Platform HTTP Main: Authentication Bypass on Non-Root Context Paths in camel main runtime

Risk 58
Severity
8.2
First published (updated )
CVE-2026-40022

Apache CamelApache Camel: Inbound Header Filter Missing in MailHeaderFilterStrategy Allows Remote Code Execution via MIME Header Injection (CVE-2025-30177 Variant)

Risk 81
Severity
9.4
First published (updated )
CVE-2026-33454

Apache CamelApache Camel: CoAP URI Query Parameter to Exchange Header Injection in camel-coap Allows Single-Packet Pre-Auth Remote Code Execution

Risk 92
Severity
10
First published (updated )
CVE-2026-33453
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache CamelApache Camel: Unsafe Java deserialization in camel-consul ConsulRegistry allows arbitrary code execution via malicious values read from the Consul KV store

Risk 83
Severity
8.8
First published (updated )
CVE-2026-27172

Apache CamelApache Camel: Camel-Keycloak: Cross-Realm Token Acceptance Bypass in KeycloakSecurityPolicy

Risk 70
Severity
9.1
First published (updated )
CVE-2026-23552

Apache CamelApache Camel LevelDB: Deserialization of Untrusted Data in Camel LevelDB

Risk 59
Severity
8.8
EPSS
0.07%
First published (updated )
CVE-2026-25747

Apache CamelApache Camel Neo4j: Cypher injection vulnerability in Camel-Neo4j component

Risk 29
Severity
5.3
First published (updated )
CVE-2025-66169

oss-secCVE-2025-66169: Apache Camel: Cypher injection vulnerability in Camel-Neo4j component

First published (updated )
https://seclists.org/oss-sec/2026/q1/62
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache CamelApache Camel: Camel-Undertow Message Header Injection via Improper Filtering

Risk 29
Severity
6.5
EPSS
0.04%
First published (updated )
CVE-2025-30177

Apache Software Foundation Camel 4.11Reached end of life

EOL
May 29, 2025
First published (updated )
EOL-apache-camel-4.11

Apache CamelApache Camel: Camel Message Header Injection through request parameters

Risk 24
Severity
4.8
EPSS
0.02%
First published (updated )
CVE-2025-29891

Apache CamelApache Camel Vulnerability - CVE-2025-27636

Risk 36
Severity
5.6
EPSS
16.44%
First published (updated )
CVE-2025-27636

Apache Software Foundation Camel 4.9Reached end of life

EOL
Feb 11, 2025
First published (updated )
EOL-apache-camel-4.9
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache Software Foundation Camel 4.9Reached end of life

EOL
Feb 11, 2025
First published (updated )
latest-version-apache-camel-4.9

Apache Software Foundation Camel 4.7Reached end of life

EOL
Sep 10, 2024
First published (updated )
EOL-apache-camel-4.7

Apache Software Foundation Camel 4.7Reached end of life

EOL
Sep 10, 2024
First published (updated )
latest-version-apache-camel-4.7

Apache Software Foundation Camel 4.6Reached end of life

EOL
Jul 13, 2024
First published (updated )
EOL-apache-camel-4.6

Apache Software Foundation Camel 4.6Reached end of life

EOL
Jul 13, 2024
First published (updated )
latest-version-apache-camel-4.6
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache Software Foundation Camel 4.5Reached end of life

EOL
May 10, 2024
First published (updated )
latest-version-apache-camel-4.5

Apache Software Foundation Camel 4.5Reached end of life

EOL
May 10, 2024
First published (updated )
EOL-apache-camel-4.5

Apache CamelExposure of sensitive data by by crafting a malicious EventFactory and providing a custom ExchangeCr…

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-2266024

maven/org.apache.camel:camel-coreApache Camel issue on ExchangeCreatedEvent

Risk 46
Severity
7.5
First published (updated )
CVE-2024-22371

maven/org.apache.camel:camel-cassandraqlApache Camel: Camel-CassandraQL: Unsafe Deserialization from CassandraAggregationRepository

Risk 64
Severity
9.8
EPSS
0.04%
First published (updated )
CVE-2024-23114
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203