Auth bypass in Apache Software Foundation Camel Lucene

CVE-2026-46585

Improper Input Validation, Authorization Bypass Through User-Controlled Key vulnerability in Apache Camel Lucene Component. The camel-lucene producer reads the search phrase from an Exchange header (LuceneConstants.HEADER_QUERY) whose val…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

Affected products

Weakness classification (CWE)

References