CVE-2026-49042 PUBLISHED

Apache Camel: langchain4j-tools: filter tool argument headers against declared parameters

Assigner: apache
Reserved: 27.05.2026 Published: 06.07.2026 Updated: 06.07.2026

Improper Input Validation vulnerability in Apache Camel.

This issue affects Apache Camel: from 4.8.0 through 4.18.2, from 4.19.0 through 4.20.0.

Users are recommended to upgrade to version 4.18.3, 4.21.0, which fixes the issue.

Product Status

Vendor Apache Software Foundation
Product Apache Camel
Versions Default: unaffected
  • affected from 4.8.0 to 4.18.2 (incl.)
  • affected from 4.19.0 to 4.20.0 (incl.)

Credits

  • Yu Bao - yubao@paypal.com, who works for paypal.com. reporter

References

Problem Types

  • CWE-20 Improper Input Validation CWE