CVE-2026-43866 | Apache Camel up to 4.14.7/4.18.2/4.20.x DefaultExchangeHolder deserialization
A vulnerability has been found in Apache Camel up to 4.14.7/4.18.2/4.20.x and classified as critical. This issue affects some unknown processing of the component DefaultExchangeHolder. Performing a manipulation results in deserialization.
This vulnerability was named CVE-2026-43866. The attack may be initiated remotely. There is no available exploit.
The affected component should be upgraded.VulDB Recent EntriesRead More