Critical 2 vendors · 4 advisories
CVE-2026-40048
Unified cross-vendor view: this CVE is referenced by 2 tracked vendors. Each vendor rates and fixes it independently — confirm the impact for your specific products below.
Apache3 advisories
- Critical9.8Apache Camel: Deserialization of Untrusted Data vulnerability in Apache Camel PQC Component.Jul 6, 2026
- High7.8Apache Camel: The Camel-PQC FileBasedKeyLifecycleManager class deserializes the contents of `<keyId>.key` files in the configured k…Apr 27, 2026
- High8.8Apache Camel: Deserialization of Untrusted Data vulnerability in Apache Camel PQC component.Jul 6, 2026
Linux1 advisory
- High7.8Arbitrary code execution via insecure deserialization of crafted key filesApr 27, 2026