CVE-2026-50628 | Apache CXF up to 4.1.6/4.2.1 OAuth2 access control

A vulnerability described as critical has been identified in Apache CXF up to 4.1.6/4.2.1. This affects an unknown function of the component OAuth2. Such manipulation leads to improper access controls.

This vulnerability is documented as CVE-2026-50628. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More