CVE-2026-50630 | Apache CXF up to 4.1.6/4.2.1 OAuth2 response splitting

June 11, 2026 Yanac

A vulnerability classified as critical was found in Apache CXF up to 4.1.6/4.2.1. Affected is an unknown function of the component OAuth2. Executing a manipulation can lead to http response splitting.

This vulnerability appears as CVE-2026-50630. The attack may be performed from remote. There is no available exploit.

Upgrading the affected component is advised.VulDB Recent EntriesRead More