CVE-2026-43866 | Apache Camel up to 4.14.7/4.18.2/4.20.x DefaultExchangeHolder deserialization

SecurityVulns

A vulnerability has been found in Apache Camel up to 4.14.7/4.18.2/4.20.x and classified as critical. This issue affects some unknown processing of the component DefaultExchangeHolder. Performing a manipulation results in deserialization.

This vulnerability was named CVE-2026-43866. The attack may be initiated remotely. There is no available exploit.

The affected component should be upgraded.VulDB Recent EntriesRead More