CVE-2026-50627 | Apache CXF up to 4.1.6/4.2.1 OAuth2 access control

A vulnerability marked as critical has been reported in Apache CXF up to 4.1.6/4.2.1. The impacted element is an unknown function of the component OAuth2. This manipulation causes improper access controls.

This vulnerability is registered as CVE-2026-50627. Remote exploitation of the attack is possible. No exploit is available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More