CVE-2026-46454
Apache Software Foundation · Apache Camel
The Apache Camel Cometd component is vulnerable to improper input validation, allowing unauthenticated remote attackers to inject control headers and influence downstream route behavior.
Executive summary
Apache Camel is vulnerable to an unauthenticated header injection flaw that allows attackers to manipulate message routing and internal control headers.
Vulnerability
The vulnerability exists because inbound Bayeux message headers are mapped into the Camel Exchange without adequate filtering. An unauthenticated attacker can inject arbitrary control headers, which are then processed by downstream route components.
Business impact
The ability to manipulate internal control headers allows an attacker to redirect HTTP traffic, alter file processing destinations, or override JMS destinations. The CVSS score of 9.8 highlights the critical risk, as this can lead to data exfiltration, service disruption, or unauthorized processing of sensitive information depending on the route configuration.
Remediation
Immediate Action: Upgrade to Apache Camel version 4.21.0, 4.14.8, or 4.18.3 depending on the specific release stream in use.
Proactive Monitoring: Monitor application logs for unexpected header configurations or anomalous routing behavior within Camel routes.
Compensating Controls: For systems that cannot be patched immediately, implement a HeaderFilterStrategy to strip "Camel*" and "camel*" headers, and enforce Bayeux SecurityPolicies to require authentication for all clients.
Exploitation status
Public Exploit Available: False
Analyst recommendation
This vulnerability presents a significant risk to the integrity of message routing logic. It is recommended that organizations prioritize upgrading to the specified patched versions to ensure that header filtering is correctly enforced and to prevent potential unauthorized control of Camel routes.