Deserialization in Apache Software Foundation Camel

CVE-2026-43865

Deserialization of Untrusted Data vulnerability in Apache Camel Hazelcast component. The camel-hazelcast component creates and manages Hazelcast instances using a default configuration that applies no Java deserialization filter. When Cam…

Vulnerability class: Insecure Deserialization

Affected products

Weakness classification (CWE)

References