Skip to content

CVE lookup

CVE-2026-40022

Pruva has a verified reproduction for CVE-2026-40022: Apache Camel embedded HTTP/management servers can bypass authentication on subpaths when a non-root context path is configured, allowing unauthenticated access to protected routes and management endpoints.. The canonical evidence record is REPRO-2026-00267.

REPRO

REPRO-2026-00267

Package

org.apache.camel:camel-platform-http-main · maven

Severity

MEDIUM

Status

published