Skip to main content

Apache Camel CVE-2026-48203

| EUVDEUVD-2026-41838 CRITICAL
Improper Input Validation (CWE-20)
9.1
CVSS 3.1 · Vendor
Share

Severity by source

Vendor (CNA) PRIMARY
9.1 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
vuln.today AI
9.1 CRITICAL

Unauthenticated HTTP header injection (PR:N, AC:L, AV:N) yields SSRF disclosure (C:H) and document/field injection (I:H); no availability impact and scope kept unchanged, though the SSRF pivot could justify S:C.

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (CNA).

CVSS VectorVendor

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

6
Analysis Updated
Jul 06, 2026 - 21:20 vuln.today
v3 (cvss_changed)
Analysis Updated
Jul 06, 2026 - 21:20 vuln.today
v2 (cvss_changed)
Re-analysis Queued
Jul 06, 2026 - 20:22 vuln.today
cvss_changed
CVSS changed
Jul 06, 2026 - 20:22 NVD
9.1 (CRITICAL)
Patch available
Jul 06, 2026 - 10:01 EUVD
Analysis Generated
Jul 05, 2026 - 20:47 vuln.today

Description PRE-NVD

Disclosed via oss-security. NVD scoring and full description are pending.

AnalysisAI

Server-side request forgery and parameter/field injection in the Apache Camel camel-solr component (versions 4.0.0 through 4.14.7, 4.15.0 through 4.18.2, and 4.19.0 through 4.20.x) allow remote attackers to hijack Solr requests issued by a Camel route. Because the SolrParam. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Reach HTTP endpoint bridging to Solr
Delivery
Inject SolrParam.stream.url/shards header
Exploit
Header bypasses HttpHeaderFilterStrategy into Exchange
Execution
Solr producer forwards param to Solr server
Persist
Solr issues attacker-chosen outbound request
Impact
Exfiltrate internal/metadata service data

Vulnerability AssessmentAI

Exploitation Exploitation requires a Camel route that bridges an HTTP consumer (for example platform-http) directly into a solr: producer - this producer-plus-HTTP-bridge topology is the specific, non-default prerequisite. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Signals conflict and must be weighed carefully. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker identifies a public HTTP endpoint backed by a Camel route that forwards requests into a solr: producer (e.g. platform-http → solr:). …
Remediation Vendor-released patch: upgrade to Apache Camel 4.21.0; users on the 4.14.x LTS stream should upgrade to 4.14.8 and users on the 4.18.x stream to 4.18.3, per http://camel.apache.org/security/CVE-2026-48203.html. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify and audit all Camel routes using HTTP consumers (e.g., platform-http) connected to solr: producers. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

More in Camel

View all
CVE-2025-27636 MEDIUM POC
5.6 Mar 09

Bypass/Injection vulnerability in Apache Camel components under particular conditions.10.0 through <= 4.10.1, from 4.8.0

CVE-2014-0002 HIGH POC
7.5 Mar 21

The XSLT component in Apache Camel before 2.11.4 and 2.12.x before 2.12.3 allows remote attackers to read arbitrary file

CVE-2016-8749 CRITICAL POC
9.8 Mar 28

Apache Camel's Jackson and JacksonXML unmarshalling operation are vulnerable to Remote Code Execution attacks. Rated cri

CVE-2014-0003 HIGH POC
7.5 Mar 21

The XSLT component in Apache Camel 2.11.x before 2.11.4, 2.12.x before 2.12.3, and possibly earlier versions allows remo

CVE-2026-23552 CRITICAL POC
9.1 Feb 23

Cross-realm token acceptance bypass in Apache Camel Keycloak security policy. The KeycloakSecurityPolicy fails to proper

CVE-2026-25747 HIGH POC
8.8 Feb 23

Deserialization of Untrusted Data vulnerability in Apache Camel LevelDB component. The Camel-LevelDB DefaultLevelDBSeria

CVE-2026-40473 HIGH POC
8.8 Apr 27

The camel-mina component's MinaConverter.toObjectInput(IoBuffer) type converter wraps an IoBuffer in a java.io.ObjectInp

CVE-2019-0194 HIGH POC
7.5 Apr 30

Apache Camel's File is vulnerable to directory traversal. Rated high severity (CVSS 7.5), this vulnerability is remotely

CVE-2017-12634 CRITICAL
9.8 Nov 15

The camel-castor component in Apache Camel 2.x before 2.19.4 and 2.20.x before 2.20.1 is vulnerable to Java object de-se

CVE-2015-5344 CRITICAL
9.8 Feb 03

The camel-xstream component in Apache Camel before 2.15.5 and 2.16.x before 2.16.1 allow remote attackers to execute arb

CVE-2017-12633 CRITICAL
9.8 Nov 15

The camel-hessian component in Apache Camel 2.x before 2.19.4 and 2.20.x before 2.20.1 is vulnerable to Java object de-s

CVE-2013-4330 MEDIUM
6.8 Oct 04

Apache Camel before 2.9.7, 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, and 2.12.0 allows remote attackers to execute arb

Share

CVE-2026-48203 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy