CVE lookup
CVE-2026-40022
Pruva has a verified reproduction for CVE-2026-40022: Apache Camel embedded HTTP/management servers can bypass authentication on subpaths when a non-root context path is configured, allowing unauthenticated access to protected routes and management endpoints.. The canonical evidence record is REPRO-2026-00267.
REPRO
REPRO-2026-00267
Package
org.apache.camel:camel-platform-http-main · maven
Severity
MEDIUM
Status
published