CVE-2026-40047: Apache Camel camel-docling improperly validates custom CLI arguments, enabling argument injection and path traversal when untrusted data is mapped into docling invocation headers.
CVE-2026-40047 is verified against apache/camel · Maven affected versions: 4.15.0 through before 4.18.3 fixed version: 4.18.3 vulnerability class: Path Traversal This critical reproduction includes runnable sandbox proof, artifacts, and a plain-text agent view under REPRO-2026-00264.
pruva-verify REPRO-2026-00264 curl -O https://pruva.dev/api/v1/reproductions/REPRO-2026-00264/artifacts/bundle/repro/reproduction_steps.sh && chmod +x reproduction_steps.sh && ./reproduction_steps.sh Improper neutralization of argument delimiters in Apache Camel’s camel-docling component allows untrusted inputs to influence the docling CLI invocation. The component appended user-supplied arguments from CamelDoclingCustomArguments and path-bearing headers with weak validation (denylist of flags and literal ../ checks), enabling injection of unintended CLI flags and traversal sequences that resolve outside intended directories. The issue affects Apache Camel 4.15.0 through 4.18.2.
Variant analysis
The agent's step-by-step process — every tool call, every handoff, the moment the exploit fired. Phases: support triages the advisory · repro reproduces it · vuln_variant confirms the fix blocks it · judge verifies.
Loading session...
Scripts, logs, diffs, and output captured during the reproduction.