CVE-2026-50632 | Apache CXF up to 4.1.6/4.2.1 JNDI injection

June 11, 2026 Yanac

A vulnerability, which was classified as critical, was found in Apache CXF up to 4.1.6/4.2.1. Affected by this issue is some unknown functionality of the component JNDI. The manipulation results in injection.

This vulnerability is known as CVE-2026-50632. It is possible to launch the attack remotely. No exploit is available.

You should upgrade the affected component.VulDB Recent EntriesRead More