Auth bypass in Apache Software Foundation Camel Keycloak
CVE-2026-53913
Improper Authentication, Missing Authentication for Critical Function, Not Failing Securely ('Failing Open') vulnerability in Apache Camel Keycloak Component. The KeycloakSecurityPolicy of camel-keycloak guards a route by running Keycloak…
Vulnerability class: Broken Authentication
Affected products
- Apache Software Foundation Camel Keycloak — versions 4.15.0, 4.19.0
Weakness classification (CWE)
References
- security@apache.org (vendor-advisory)