CVE-2026-49042

HIGH

Apache Camel: langchain4j-tools: filter tool argument headers against declared parameters

Title source: cna
STIX 2.1

Description

Improper Input Validation vulnerability in Apache Camel. This issue affects Apache Camel: from 4.8.0 through 4.18.2, from 4.19.0 through 4.20.0. Users are recommended to upgrade to version 4.18.3, 4.21.0, which fixes the issue.

References (2)

Core 2

Scores

CVSS v3 7.3
EPSS 0.0040
EPSS Percentile 32.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-20
Status published
Products (3)
apache/camel 4.8.0 - 4.18.3
Apache Software Foundation/Apache Camel 4.19.0 - 4.20.0
Apache Software Foundation/Apache Camel 4.8.0 - 4.18.2
Published Jul 06, 2026
Tracked Since Jul 06, 2026