CVE-2026-50633 | Apache CXF up to 4.1.6/4.2.1 JNDI DispatchMDBMessageListenerImpl injection

June 11, 2026 Yanac

A vulnerability has been found in Apache CXF up to 4.1.6/4.2.1 and classified as critical. This affects the function DispatchMDBMessageListenerImpl of the component JNDI Handler. This manipulation causes injection.

This vulnerability is handled as CVE-2026-50633. The attack can be initiated remotely. There is not any exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More