CVE-2026-40542 | Apache HttpClient up to 5.6.0 SCRAM-SHA-256 Authentication critical step in authentication

A vulnerability was found in Apache HttpClient up to 5.6.0. It has been rated as critical. This impacts an unknown function of the component SCRAM-SHA-256 Authentication. Performing a manipulation results in missing critical step in authentication.

This vulnerability is known as CVE-2026-40542. Remote exploitation of the attack is possible. No exploit is available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More