This is an automated email from the ASF dual-hosted git repository.

oscerd pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel-website.git

commit 8866379a24218d16c26c4ddcd9f5bbc2888e5afb
Author: Andrea Cosentino <[email protected]>
AuthorDate: Wed Jun 17 15:41:11 2026 +0200

    Removed redundant "Apache Camel:" prefix from June 2026 CVE advisory 
summaries
    
    Stripped the leading "Apache Camel: " from the summary field of the 23 
security advisories added in June 2026, since the prefix is redundant on the 
Apache Camel security pages. Regenerated and re-signed each matching .txt.asc 
clearsigned file from the updated .md using the original advisory key 
(27663406EB6DBAF5291F2615E34E9F3802FF4100, SHA512), so the signed copies stay 
in sync.
    
    Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
    Signed-off-by: Andrea Cosentino <[email protected]>
---
 content/security/CVE-2026-40859.md      |  2 +-
 content/security/CVE-2026-40859.txt.asc | 18 +++++++++---------
 content/security/CVE-2026-43865.md      |  2 +-
 content/security/CVE-2026-43865.txt.asc | 18 +++++++++---------
 content/security/CVE-2026-46453.md      |  2 +-
 content/security/CVE-2026-46453.txt.asc | 18 +++++++++---------
 content/security/CVE-2026-46454.md      |  2 +-
 content/security/CVE-2026-46454.txt.asc | 18 +++++++++---------
 content/security/CVE-2026-46455.md      |  2 +-
 content/security/CVE-2026-46455.txt.asc | 18 +++++++++---------
 content/security/CVE-2026-46456.md      |  2 +-
 content/security/CVE-2026-46456.txt.asc | 18 +++++++++---------
 content/security/CVE-2026-46457.md      |  2 +-
 content/security/CVE-2026-46457.txt.asc | 18 +++++++++---------
 content/security/CVE-2026-46584.md      |  2 +-
 content/security/CVE-2026-46584.txt.asc | 18 +++++++++---------
 content/security/CVE-2026-46585.md      |  2 +-
 content/security/CVE-2026-46585.txt.asc | 18 +++++++++---------
 content/security/CVE-2026-46590.md      |  2 +-
 content/security/CVE-2026-46590.txt.asc | 18 +++++++++---------
 content/security/CVE-2026-46591.md      |  2 +-
 content/security/CVE-2026-46591.txt.asc | 18 +++++++++---------
 content/security/CVE-2026-46592.md      |  2 +-
 content/security/CVE-2026-46592.txt.asc | 18 +++++++++---------
 content/security/CVE-2026-46726.md      |  2 +-
 content/security/CVE-2026-46726.txt.asc | 18 +++++++++---------
 content/security/CVE-2026-48203.md      |  2 +-
 content/security/CVE-2026-48203.txt.asc | 18 +++++++++---------
 content/security/CVE-2026-48204.md      |  2 +-
 content/security/CVE-2026-48204.txt.asc | 18 +++++++++---------
 content/security/CVE-2026-48205.md      |  2 +-
 content/security/CVE-2026-48205.txt.asc | 18 +++++++++---------
 content/security/CVE-2026-48206.md      |  2 +-
 content/security/CVE-2026-48206.txt.asc | 18 +++++++++---------
 content/security/CVE-2026-49086.md      |  2 +-
 content/security/CVE-2026-49086.txt.asc | 18 +++++++++---------
 content/security/CVE-2026-49097.md      |  2 +-
 content/security/CVE-2026-49097.txt.asc | 18 +++++++++---------
 content/security/CVE-2026-49098.md      |  2 +-
 content/security/CVE-2026-49098.txt.asc | 18 +++++++++---------
 content/security/CVE-2026-49099.md      |  2 +-
 content/security/CVE-2026-49099.txt.asc | 18 +++++++++---------
 content/security/CVE-2026-49365.md      |  2 +-
 content/security/CVE-2026-49365.txt.asc | 18 +++++++++---------
 content/security/CVE-2026-53913.md      |  2 +-
 content/security/CVE-2026-53913.txt.asc | 18 +++++++++---------
 46 files changed, 230 insertions(+), 230 deletions(-)

diff --git a/content/security/CVE-2026-40859.md 
b/content/security/CVE-2026-40859.md
index 331bcb8d..0925b1cd 100644
--- a/content/security/CVE-2026-40859.md
+++ b/content/security/CVE-2026-40859.md
@@ -6,7 +6,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-40859
 severity: MEDIUM
-summary: "Apache Camel: Camel-Vertx-Http and Camel-Netty-Http: Unsafe Java 
deserialization of HTTP response bodies via a raw ObjectInputStream when 
transferException is enabled"
+summary: "Camel-Vertx-Http and Camel-Netty-Http: Unsafe Java deserialization 
of HTTP response bodies via a raw ObjectInputStream when transferException is 
enabled"
 description: "The camel-vertx-http and camel-netty-http components deserialize 
HTTP response bodies carrying the Content-Type 
application/x-java-serialized-object using a raw java.io.ObjectInputStream, 
without applying any ObjectInputFilter 
(VertxHttpHelper.deserializeJavaObjectFromStream and 
NettyHttpHelper.deserializeJavaObjectFromStream). This deserialization path is 
reached only when the producer endpoint is configured with 
transferException=true (or the component-level allowJavaSeri [...]
 mitigation: "Users are recommended to upgrade to version 4.20.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. After upgrading, the 
deserialization performed by both helper utilities is constrained by a default 
ObjectInputFilter (allow-list java.**;javax.**;org.apache.camel.**;!*), which 
can be customised through the new deserial [...]
 credit: "This issue was discovered by Venkatraman Kumar from Securin"
diff --git a/content/security/CVE-2026-40859.txt.asc 
b/content/security/CVE-2026-40859.txt.asc
index 49dada4d..a13b1cef 100644
--- a/content/security/CVE-2026-40859.txt.asc
+++ b/content/security/CVE-2026-40859.txt.asc
@@ -9,7 +9,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-40859
 severity: MEDIUM
-summary: "Apache Camel: Camel-Vertx-Http and Camel-Netty-Http: Unsafe Java 
deserialization of HTTP response bodies via a raw ObjectInputStream when 
transferException is enabled"
+summary: "Camel-Vertx-Http and Camel-Netty-Http: Unsafe Java deserialization 
of HTTP response bodies via a raw ObjectInputStream when transferException is 
enabled"
 description: "The camel-vertx-http and camel-netty-http components deserialize 
HTTP response bodies carrying the Content-Type 
application/x-java-serialized-object using a raw java.io.ObjectInputStream, 
without applying any ObjectInputFilter 
(VertxHttpHelper.deserializeJavaObjectFromStream and 
NettyHttpHelper.deserializeJavaObjectFromStream). This deserialization path is 
reached only when the producer endpoint is configured with 
transferException=true (or the component-level allowJavaSeri [...]
 mitigation: "Users are recommended to upgrade to version 4.20.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. After upgrading, the 
deserialization performed by both helper utilities is constrained by a default 
ObjectInputFilter (allow-list java.**;javax.**;org.apache.camel.**;!*), which 
can be customised through the new deserial [...]
 credit: "This issue was discovered by Venkatraman Kumar from Securin"
@@ -20,12 +20,12 @@ fixed: 4.14.8, 4.18.3 and 4.20.0
 The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23324 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/22613 (commit 
e735f56b4bcae040a6a113a83bf08d41b8696c43, released in 4.20.0) and backported to 
camel-4.18.x (commit a3835afef108fef9eaf04165faed91784889407f, PR #22637) and 
camel-4.14.x (commit 04019cf90a4b09e263d2df4ad4cacea85a9d72ee, PR #22768). 
Exploitation requires the non-def [...]
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmovy7sACgkQ406fOAL/
-QQDUsgf/VKtr0Ly6x5Hfj7x0Dpn3ZUJaSKW6Zk4pFpYstbxHXj5xKaHi4839gtJN
-ygGgz9x7nQuRdsuAMZgeZb923OM2X87O4EyX+sNqAkDlSijMN3VNVgMyt4Wi5fbb
-NlCaWTRVwcUoEfkuYm68wVXxfkO5ecbvJ06BmCL0fU1rVfSLWjHv3jWWMUYosneW
-BdZ0f3L7iJaGxC/SldSxespbIx2q6STo1nRF6u9zb2BXGhA1tq5+ztXssd2eKB/z
-32YPpog5R4ptnliA228FWR8Nr+m9mVjgfsKVgJT+fhGTiwVzln2KT+cueqmnvmsQ
-lRSPYRYDNabYquXxH0AfJWgGWL/uMQ==
-=RXFq
+iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmoyo1gACgkQ406fOAL/
+QQCI/Af7BEYPiylFrYj4t+6AasXVYgUAw5A9AVZ63zB9svw/d4CCGG38hTHTc8aD
+SJ+1zE5e444dGG0DLHwauQm/46N+Seh1m90SHc13fGYz/eUGzuashb3dO3VOiaLn
+tHBJmoUeNl7CGnFAuVFg1o5ISualI24WWMVP23uZAgFpWPIiZ6Uxi0uAF+J5YhUK
+xJpkP7e2AT+tzkOluFnIKzmewIYoFmzFDJ+glhoTpTgF424aLpeopBQMais6mn56
+POnaWy8bGcHb93DZJX1PKJZHB/xrogABUuIm8XDKX9xuVJVgL5eOZUzyA31POH8p
+NPHIBUNlymSRkSQrTev0fd0AFcVzJw==
+=z6i8
 -----END PGP SIGNATURE-----
diff --git a/content/security/CVE-2026-43865.md 
b/content/security/CVE-2026-43865.md
index e379a29e..3816671b 100644
--- a/content/security/CVE-2026-43865.md
+++ b/content/security/CVE-2026-43865.md
@@ -6,7 +6,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-43865
 severity: MEDIUM
-summary: "Apache Camel: Camel-Hazelcast: Unsafe Java deserialization in 
default-configured managed Hazelcast instances enables remote code execution"
+summary: "Camel-Hazelcast: Unsafe Java deserialization in default-configured 
managed Hazelcast instances enables remote code execution"
 description: "The camel-hazelcast component creates and manages Hazelcast 
instances using a default configuration that applies no Java deserialization 
filter. When Camel builds the Hazelcast Config itself - that is, when no 
user-supplied HazelcastInstance, hazelcastConfigUri, or referenced Config bean 
is provided - neither Hazelcast's JavaSerializationFilterConfig nor a 
Camel-side ObjectInputFilter is configured, so objects received over the 
Hazelcast cluster protocol are deserialized in [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. The fix makes Camel apply a 
default Hazelcast JavaSerializationFilterConfig (whitelisting the java., javax. 
and org.apache.camel. class-name prefixes and blacklisting java.net.) to 
instances it creates from its own defau [...]
 credit: "This issue was discovered by gaorenyusi"
diff --git a/content/security/CVE-2026-43865.txt.asc 
b/content/security/CVE-2026-43865.txt.asc
index 850b811d..0b90239d 100644
--- a/content/security/CVE-2026-43865.txt.asc
+++ b/content/security/CVE-2026-43865.txt.asc
@@ -9,7 +9,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-43865
 severity: MEDIUM
-summary: "Apache Camel: Camel-Hazelcast: Unsafe Java deserialization in 
default-configured managed Hazelcast instances enables remote code execution"
+summary: "Camel-Hazelcast: Unsafe Java deserialization in default-configured 
managed Hazelcast instances enables remote code execution"
 description: "The camel-hazelcast component creates and manages Hazelcast 
instances using a default configuration that applies no Java deserialization 
filter. When Camel builds the Hazelcast Config itself - that is, when no 
user-supplied HazelcastInstance, hazelcastConfigUri, or referenced Config bean 
is provided - neither Hazelcast's JavaSerializationFilterConfig nor a 
Camel-side ObjectInputFilter is configured, so objects received over the 
Hazelcast cluster protocol are deserialized in [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. The fix makes Camel apply a 
default Hazelcast JavaSerializationFilterConfig (whitelisting the java., javax. 
and org.apache.camel. class-name prefixes and blacklisting java.net.) to 
instances it creates from its own defau [...]
 credit: "This issue was discovered by gaorenyusi"
@@ -20,12 +20,12 @@ fixed: 4.14.8, 4.18.3 and 4.21.0
 The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23414 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/22943 (commit 
7a309042f22493082647a410d9d8cafd672b1c74) and backported to camel-4.18.x 
(commit 5caf4368551f6d3b61690d5db03869491390d446) and camel-4.14.x (commit 
974a11b5ed5e2d50722f33aa48f61898395ea45b). This issue is distinct from the 
Hazelcast library deserialization advisorie [...]
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmovy8AACgkQ406fOAL/
-QQD7JAf/YgC+G4HXeCYgWMqvG1pTCU0Ql0U+lwH96AwFBlAaK/mIl7oVER9+/AqY
-LI7LU52ZQ9e9rv8tFhRc6F6DyRXtLx2rXG4zmPiq+ResF4X8unYUDQgXSYdgp1AN
-Qvygd6toAQs1/i1Ox1RAeU+/+qS6RxEvWf/rbvQxjeEWZVyMnmHCt5EO9KPL4PRA
-RxSnKiyXGERdSga1XnesUQgtolAyLk/OAth0CJjVzuAUTAHdHmC0ZOhGApIM5lkS
-uyzogTHlMS0LXLYkghIhmsyRbnUaJSZsuL1NsOA3gyPEzaXsiXKWEAw7JWo1jAoS
-S4ytZVtWnX5veJNAJub41Ni61XoxOg==
-=y0Ru
+iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmoyo1gACgkQ406fOAL/
+QQC3aQf+J/TnVKZ57Thfhkxm1tkg0ApytR715TjMTazsGIH49J6d1ImumKuGDLKa
+7Tdj1ZPfDhOpca3wclTjCgw0ELR1benN4fLMmGmXV30ukIhQkpCUqoBo9dOS4lPX
+vA/A0Z+lpcLoGGyIp0mOlZr0YfMKaMor10KI2Hp3MeXJuzAbW8PyekkywfoWW+ze
+XAhc7sCZvbLAroNwP203RBfMjVmYhUKl9+TnRf30HVXD6dCeJp30oByqC+5Miyr8
+RphtOfFNiZpSzgcEdsoUl7Qz8sDZ4nhPjLYuNTONSsDZp/aVLJVN+lAk3Yynw3Q5
+s/FpR1j0k2ogeH/k1cNXsaFOe+kUWQ==
+=i3eL
 -----END PGP SIGNATURE-----
diff --git a/content/security/CVE-2026-46453.md 
b/content/security/CVE-2026-46453.md
index 0fc58149..fe3dea88 100644
--- a/content/security/CVE-2026-46453.md
+++ b/content/security/CVE-2026-46453.md
@@ -6,7 +6,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-46453
 severity: MEDIUM
-summary: "Apache Camel: Camel-Elasticsearch-Rest-Client: Exchange header 
constants without the Camel prefix bypass inbound HTTP header filtering, 
allowing untrusted clients to override the Elasticsearch query and operation"
+summary: "Camel-Elasticsearch-Rest-Client: Exchange header constants without 
the Camel prefix bypass inbound HTTP header filtering, allowing untrusted 
clients to override the Elasticsearch query and operation"
 description: "The camel-elasticsearch-rest-client component reads several 
Exchange headers to control its behaviour - SEARCH_QUERY (an advanced query 
body), OPERATION (which Elasticsearch operation to run), INDEX_NAME, 
INDEX_SETTINGS and ID. The string values of these header constants, defined in 
ElasticSearchRestClientConstant, are plain unprefixed names ('SEARCH_QUERY', 
'OPERATION', 'INDEX_NAME', 'INDEX_SETTINGS', 'ID') rather than the 
'Camel'-prefixed names used by every other Camel c [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. The fix renames the 
camel-elasticsearch-rest-client Exchange header constant string values (ID, 
SEARCH_QUERY, INDEX_SETTINGS, INDEX_NAME, OPERATION) to carry the Camel prefix 
(CamelElasticsearchId, CamelElasticsearchSear [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
diff --git a/content/security/CVE-2026-46453.txt.asc 
b/content/security/CVE-2026-46453.txt.asc
index 58350af7..40075449 100644
--- a/content/security/CVE-2026-46453.txt.asc
+++ b/content/security/CVE-2026-46453.txt.asc
@@ -9,7 +9,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-46453
 severity: MEDIUM
-summary: "Apache Camel: Camel-Elasticsearch-Rest-Client: Exchange header 
constants without the Camel prefix bypass inbound HTTP header filtering, 
allowing untrusted clients to override the Elasticsearch query and operation"
+summary: "Camel-Elasticsearch-Rest-Client: Exchange header constants without 
the Camel prefix bypass inbound HTTP header filtering, allowing untrusted 
clients to override the Elasticsearch query and operation"
 description: "The camel-elasticsearch-rest-client component reads several 
Exchange headers to control its behaviour - SEARCH_QUERY (an advanced query 
body), OPERATION (which Elasticsearch operation to run), INDEX_NAME, 
INDEX_SETTINGS and ID. The string values of these header constants, defined in 
ElasticSearchRestClientConstant, are plain unprefixed names ('SEARCH_QUERY', 
'OPERATION', 'INDEX_NAME', 'INDEX_SETTINGS', 'ID') rather than the 
'Camel'-prefixed names used by every other Camel c [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. The fix renames the 
camel-elasticsearch-rest-client Exchange header constant string values (ID, 
SEARCH_QUERY, INDEX_SETTINGS, INDEX_NAME, OPERATION) to carry the Camel prefix 
(CamelElasticsearchId, CamelElasticsearchSear [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
@@ -20,12 +20,12 @@ fixed: 4.14.8, 4.18.3 and 4.21.0
 The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23508 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23212 (commit 
81f3a625c8853d6dff5fd748a0da9dba259c4076) and backported to camel-4.18.x 
(commit ff88400e3a95af16e17d553b34d3752d96496c5d, PR #23244) and camel-4.14.x 
(commit 0a87d31c8d19f59da4a5477bde192cc258ecc5d7, PR #23360). The issue is 
classified as CWE-20 (Improper Input Val [...]
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmovy8EACgkQ406fOAL/
-QQAFEAgAhox0nKt3x1kgCiO+K6E7x1TMOP5lvJgVc/jWdw66LONWrPYyrBR8Q9Il
-6xref4IIj3IxfyEyzyRFSDtowLhkouwhepZF02QWSo9HXMpCjraYHdf0or6JCoD0
-VW7yFzfjImth+DCeOXyj+P77O2VESa0BA+wM4VwZ4qjXXcGA9yr+YbZvUGMkG7Op
-fz6PsxtgLkUbZbqJn+1RKAKRn9AMyH01qtwna5aSuCia9aZiEfsTYefqMG74E6l7
-B2rIfvzdteXfvQuzCDSIbkAP0OIKBlxXrUki++d242MvqoiLGmOrMpZjHo3z0GQt
-nPQ3nrXhkjhzlqJV+RtpAI5leGvPng==
-=2lE+
+iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmoyo1gACgkQ406fOAL/
+QQDamggAqGeXRUdFnHe6nDcu+ASEi6M3OLc0YzpB3/RU/gfJrEo4rCwqN/TnTJIb
++jBYw8SkJ0D9oj/XKcdGV6A7UXxR1ZZHb7O+e16+PnPOLzsaBx/lKanwipWTFHUG
+Xu2cLWZJLs9xAGqUL0HvyUSiXYBZca2Ri/17TFoj5Ua8boVmfaRD8yoC3A9WAbmG
+T+m6hacARTh9xd8v/G2TE0bGtNgqxD520BDOlLHMJyAy2dRvXR2F8HFt09EedxQ3
+FFpSTFEyrLtXi1I/oeMZ633Tv8VrKjAdZiNeYcVDBFkN95cZautgR09WV5geiTuW
+5Pk0e66vZGB668e31TCXFz5tw4kneQ==
+=v1L2
 -----END PGP SIGNATURE-----
diff --git a/content/security/CVE-2026-46454.md 
b/content/security/CVE-2026-46454.md
index 885beb9c..e9ee312c 100644
--- a/content/security/CVE-2026-46454.md
+++ b/content/security/CVE-2026-46454.md
@@ -6,7 +6,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-46454
 severity: MEDIUM
-summary: "Apache Camel: Camel-Cometd: Inbound Bayeux message headers are 
mapped into the Exchange without a HeaderFilterStrategy, allowing 
unauthenticated clients to inject Camel control headers"
+summary: "Camel-Cometd: Inbound Bayeux message headers are mapped into the 
Exchange without a HeaderFilterStrategy, allowing unauthenticated clients to 
inject Camel control headers"
 description: "The camel-cometd component maps inbound Bayeux (CometD) message 
headers into the Camel Exchange without applying a HeaderFilterStrategy. 
CometdBinding.populateExchangeFromMessage copies the entire ext.CamelHeaders 
map supplied by the CometD client directly onto the Camel message 
(message.setHeaders), so any header name - including Camel-internal control 
headers such as CamelHttpUri, CamelFileName or CamelJmsDestinationName - is 
accepted unmodified. Because a CometdComponent [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. The fix implements a 
HeaderFilterStrategy in the camel-cometd binding (a long-standing TODO in the 
code) that filters the Camel header namespace case-insensitively on inbound 
mapping, so client-supplied Camel* / camel* h [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
diff --git a/content/security/CVE-2026-46454.txt.asc 
b/content/security/CVE-2026-46454.txt.asc
index 42de74ba..6b9cfffa 100644
--- a/content/security/CVE-2026-46454.txt.asc
+++ b/content/security/CVE-2026-46454.txt.asc
@@ -9,7 +9,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-46454
 severity: MEDIUM
-summary: "Apache Camel: Camel-Cometd: Inbound Bayeux message headers are 
mapped into the Exchange without a HeaderFilterStrategy, allowing 
unauthenticated clients to inject Camel control headers"
+summary: "Camel-Cometd: Inbound Bayeux message headers are mapped into the 
Exchange without a HeaderFilterStrategy, allowing unauthenticated clients to 
inject Camel control headers"
 description: "The camel-cometd component maps inbound Bayeux (CometD) message 
headers into the Camel Exchange without applying a HeaderFilterStrategy. 
CometdBinding.populateExchangeFromMessage copies the entire ext.CamelHeaders 
map supplied by the CometD client directly onto the Camel message 
(message.setHeaders), so any header name - including Camel-internal control 
headers such as CamelHttpUri, CamelFileName or CamelJmsDestinationName - is 
accepted unmodified. Because a CometdComponent [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. The fix implements a 
HeaderFilterStrategy in the camel-cometd binding (a long-standing TODO in the 
code) that filters the Camel header namespace case-insensitively on inbound 
mapping, so client-supplied Camel* / camel* h [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
@@ -20,12 +20,12 @@ fixed: 4.14.8, 4.18.3 and 4.21.0
 The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23507 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23211 (commit 
e20bdc2a6a3fd1128bcebe1b64c8e8589f0bc57d) and backported to camel-4.18.x 
(commit e9c741b4908dcffc0e1a7b1a5e6207a46aaac608) and camel-4.14.x (commit 
6fad391f9f5257b93ce07d9b8e5e7f486210d4f5). The issue is classified as CWE-20 
(Improper Input Validation). It belongs t [...]
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmovy8EACgkQ406fOAL/
-QQCnzwgAt/h8xwSJISKfmphsT4XxME4V/Oj3EGg6VJXV+Om+8MdIgFqyqEo648Oq
-klXgDf1MHjSkS/xmQXwZLY0rIkbiiXH/Xklo9Vr1un9I5R+ntuHJ32FwizoQuYWp
-9UjZH60CGLmrHM8uvdHzINm6alCLitLoLo7vRg0W/yrWI6OVdFNeZP5iCDtSyLvw
-Q4/GtYwVsi5xakzhgLE1kkWu9h1Mi2cKqg6PR2cuqj93EENPL7VFkD7f5BVO3qp4
-5biPUMOxoKfPaCtTrdGsm7p+2pYygDSQetu0gywOEBmOdIfe/VjwoqGpK/VhpFXZ
-/NqWn4BL7iUoreZWfC8et9Rod96ykQ==
-=h2kJ
+iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmoyo1gACgkQ406fOAL/
+QQB3NggAglQ6mf5GsX6ZvYP3oQ5G1UOT6gj4A8Es96Da+1jz6tM2bQSu1TQvHXqm
+W/FDia5jm8e8+FmlXXv7kQlUy0K3EqMeAq1E3i9LCmKYQLFx+fcSJ1H9a4WrT376
+cGZg0CGB2dlYMdGrevcGek40l3BMzbwyM5CqqigBDiJGJETWmLObiLTxenWUYoNf
+diPLOMrGh+YNdw12RFRuLtzUizpgBnyPJnnSbfGbJRUvZoSo9jn5Ng5PhB1Q8yow
+IGG+Vfnq5hAgLB21LmFVqeG6lHpCqdk63XbMGbPx31Tbsp5AX1vDFx6RbqN0nx+L
+nxrzyTMYoYBChnanLJ75Cst6kKLkDQ==
+=U8FA
 -----END PGP SIGNATURE-----
diff --git a/content/security/CVE-2026-46455.md 
b/content/security/CVE-2026-46455.md
index 87624d68..f654d67e 100644
--- a/content/security/CVE-2026-46455.md
+++ b/content/security/CVE-2026-46455.md
@@ -6,7 +6,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-46455
 severity: MEDIUM
-summary: "Apache Camel: Camel-Keycloak: The access-token validity window is 
not verified because the IS_ACTIVE check is missing from the TokenVerifier, 
allowing expired tokens to be accepted"
+summary: "Camel-Keycloak: The access-token validity window is not verified 
because the IS_ACTIVE check is missing from the TokenVerifier, allowing expired 
tokens to be accepted"
 description: "The camel-keycloak security helper 
KeycloakSecurityHelper.parseAndVerifyAccessToken builds a Keycloak 
TokenVerifier using withChecks(...) with only the subject-exists check and the 
realm-URL (issuer) check. Keycloak's TokenVerifier.withChecks(...) appends to 
an initially empty check list - the upstream default checks are installed only 
when withDefaultChecks() is called - so the built-in IS_ACTIVE predicate, which 
validates the token's exp (expiration) and nbf (not-before)  [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.18.x releases stream, then they are suggested 
to upgrade to 4.18.3. The fix makes 
KeycloakSecurityHelper.parseAndVerifyAccessToken include the 
TokenVerifier.IS_ACTIVE check so that expired or not-yet-valid access tokens 
are rejected, aligning the helper with Keycloak's default check set. For 
deployments that cannot upgrade immediately, enforce token expiration outside 
the helper  [...]
 credit: "This issue was discovered by Andrea Cosentino from Apache Software 
Foundation and Yu Bao from Paypal"
diff --git a/content/security/CVE-2026-46455.txt.asc 
b/content/security/CVE-2026-46455.txt.asc
index 1fd1ebea..082b7a9d 100644
--- a/content/security/CVE-2026-46455.txt.asc
+++ b/content/security/CVE-2026-46455.txt.asc
@@ -9,7 +9,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-46455
 severity: MEDIUM
-summary: "Apache Camel: Camel-Keycloak: The access-token validity window is 
not verified because the IS_ACTIVE check is missing from the TokenVerifier, 
allowing expired tokens to be accepted"
+summary: "Camel-Keycloak: The access-token validity window is not verified 
because the IS_ACTIVE check is missing from the TokenVerifier, allowing expired 
tokens to be accepted"
 description: "The camel-keycloak security helper 
KeycloakSecurityHelper.parseAndVerifyAccessToken builds a Keycloak 
TokenVerifier using withChecks(...) with only the subject-exists check and the 
realm-URL (issuer) check. Keycloak's TokenVerifier.withChecks(...) appends to 
an initially empty check list - the upstream default checks are installed only 
when withDefaultChecks() is called - so the built-in IS_ACTIVE predicate, which 
validates the token's exp (expiration) and nbf (not-before)  [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.18.x releases stream, then they are suggested 
to upgrade to 4.18.3. The fix makes 
KeycloakSecurityHelper.parseAndVerifyAccessToken include the 
TokenVerifier.IS_ACTIVE check so that expired or not-yet-valid access tokens 
are rejected, aligning the helper with Keycloak's default check set. For 
deployments that cannot upgrade immediately, enforce token expiration outside 
the helper  [...]
 credit: "This issue was discovered by Andrea Cosentino from Apache Software 
Foundation and Yu Bao from Paypal"
@@ -20,12 +20,12 @@ fixed: 4.18.3 and 4.21.0
 The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23504 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23197 (commit 
39133b1ada37c60dea53f3b7db720dbd2ae73fa6) and backported to camel-4.18.x 
(commit 7f4c4736021aff4fad925eca3bf456b95db038f3, PR #23204). The fix adds 
TokenVerifier.IS_ACTIVE to the withChecks(...) invocation so the token's 
validity window (exp/nbf) is enforced alongsi [...]
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmovy8EACgkQ406fOAL/
-QQDKjQf/eWUv1jZGzXHjjyMgnq+rzZNRYr24rzJfNrYKRJqRlCnAz+j8DZvZk2zc
-8U6L23FX6HlSaHtuHCR+/EneCOkV5xaLmELY0Wh20ixHdvvjLBkzbcEuX4odWmwO
-2vVOvqZVQK4zluYvefygMh98m2lBYA8sSU+ATNZWOHJqibZF6F+i0qKtVUYVtPOh
-NPS1j6NtsXsur7N79XQSkRfZIvJh+0I0+GyAh9GvyT0lZBi7wE7aOdtDscLMkcea
-rbSb1SQ+BT0HOkbQuBPtqdJsrnwhDWxFPCeaHrFM3vyXG0fDhUqBqzz42ugPbg10
-KmQYoF9RVPeRsbiwvwXw5k2Tn19pBg==
-=eZ3j
+iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmoyo1gACgkQ406fOAL/
+QQDo8wf/XBm1JBWDXpdGCgvc8oWwUxantkITRlC4p8kocMB7ZZxYPcn8uf507aJU
+N63qPGxNHKc0o+cA0uzHR7TzHvc7KnsSAQz9EV+6K6xHRE2IEcWcK/MEg+6f4orQ
+brZ1YQi1M2uAWaW3iv8lSxrcPye/nJrgW6lTFugKzTXlHjxGddNpGs/IdqvlaPe3
+lEM31FJilb5+AF+8iKVW+6R5eOlFI0nEKg5SuwmTzYNgul7Y5gj1V5i+H2Dz0J/b
+8ve3rA3+l/K3dKf2yr2p7SxNN2SICT35NpwNKR/dCN8W1fcAQHRsRD+RVAOm64lN
+sx5nc9uePTl4X9S4ChdpFjXV/+a0oA==
+=l9Wj
 -----END PGP SIGNATURE-----
diff --git a/content/security/CVE-2026-46456.md 
b/content/security/CVE-2026-46456.md
index 4aefe784..d1d5ac9f 100644
--- a/content/security/CVE-2026-46456.md
+++ b/content/security/CVE-2026-46456.md
@@ -6,7 +6,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-46456
 severity: MEDIUM
-summary: "Apache Camel: Camel-AWS2-SQS: Inbound message attributes are mapped 
into the Exchange without an inbound HeaderFilterStrategy, allowing a message 
sender to inject Camel control headers"
+summary: "Camel-AWS2-SQS: Inbound message attributes are mapped into the 
Exchange without an inbound HeaderFilterStrategy, allowing a message sender to 
inject Camel control headers"
 description: "The camel-aws2-sqs component maps inbound message attributes 
into the Camel Exchange through a component-specific HeaderFilterStrategy. 
Sqs2HeaderFilterStrategy configured only an outbound filter 
(setOutFilterPattern, which blocks Camel*, breadcrumbId and org.apache.camel.* 
headers being written to the broker) but did not configure an inbound filter. 
As a result, when Sqs2Consumer copies each SQS MessageAttribute into the 
Exchange via HeaderFilterStrategy.applyFilterToExter [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. The fix adds an inbound 
HeaderFilterStrategy rule to Sqs2HeaderFilterStrategy that filters the Camel 
header namespace case-insensitively on inbound mapping, so sender-supplied 
Camel* / camel* headers are no longer copied [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
diff --git a/content/security/CVE-2026-46456.txt.asc 
b/content/security/CVE-2026-46456.txt.asc
index 6b395a44..0d678e39 100644
--- a/content/security/CVE-2026-46456.txt.asc
+++ b/content/security/CVE-2026-46456.txt.asc
@@ -9,7 +9,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-46456
 severity: MEDIUM
-summary: "Apache Camel: Camel-AWS2-SQS: Inbound message attributes are mapped 
into the Exchange without an inbound HeaderFilterStrategy, allowing a message 
sender to inject Camel control headers"
+summary: "Camel-AWS2-SQS: Inbound message attributes are mapped into the 
Exchange without an inbound HeaderFilterStrategy, allowing a message sender to 
inject Camel control headers"
 description: "The camel-aws2-sqs component maps inbound message attributes 
into the Camel Exchange through a component-specific HeaderFilterStrategy. 
Sqs2HeaderFilterStrategy configured only an outbound filter 
(setOutFilterPattern, which blocks Camel*, breadcrumbId and org.apache.camel.* 
headers being written to the broker) but did not configure an inbound filter. 
As a result, when Sqs2Consumer copies each SQS MessageAttribute into the 
Exchange via HeaderFilterStrategy.applyFilterToExter [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. The fix adds an inbound 
HeaderFilterStrategy rule to Sqs2HeaderFilterStrategy that filters the Camel 
header namespace case-insensitively on inbound mapping, so sender-supplied 
Camel* / camel* headers are no longer copied [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
@@ -20,12 +20,12 @@ fixed: 4.14.8, 4.18.3 and 4.21.0
 The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23506 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23221 (commit 
5f57258fb33d33ef99df10594f8fe9f11d7c2b7e) and backported to camel-4.18.x 
(commit 7b334be0419839097a132d4ff3427fc4083e695e) and camel-4.14.x (commit 
b7f78292e747a28dbf5da444265557b5f9f3c1a1). The issue is classified as CWE-20 
(Improper Input Validation). It belongs t [...]
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmovx0QACgkQ406fOAL/
-QQBxdwf/UgsFkSaK6vTC9glRWLySFdR725HGT1GtGPb/zkpbAVATc3xPwd+sy7ca
-8ZwQOFUj/XkpBS1+i92HqTejbXaGD0zs0MDYJeDd6RgWUmTa/W1ibk/NpY3bOLiQ
-V5VOdNQTIn8lF+gKYVTuVtlTRUkMZjiwEZCroG5kZcnyBL40JxdaH8PObPFTM+vp
-dSB6LOMd40Bl6pLj5ocvoZ1ipPqZEIb000r6H6eBVLC/MrByXIlCcHQ9Q5IGqkWX
-7ui30RQG/QnGKuZGFXTts6o0fil5vDfKrdYV9UCOIGTSWrxxiT56T/JsiHN0LOVb
-yaDWfQQcbZnf6f4lsXHUU1TUNIGUTA==
-=U/lk
+iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmoyo1gACgkQ406fOAL/
+QQCyvggAql9wHXpY/x2jlr01p999d4PwDHRN8mQhSR1eKA9FaZDPXttQcxtdTZNr
+qgxzjhO1hI24NT2O7gdCj9HVN1NVbXreNOF31twq0kAYalyuzJ+/CZ2HSvj4RPh1
+SwTLvHP1WLBZ6TEj6yWIPFMOLvzsj+shqhLoESqReo0QE9grx4rIe4AqYpzpmkGW
+qi9o9KmlnAmpa6oj0yIZQAexn1HSydy9PQ7XXisFB1AxvNBvmW1NlGIkLGdr+e9k
+HWPUCgObroupRRiUN/T+YuSNQILIzZLTrgrstPplJcDyAHJokhHSlmim9v87ey6e
+cJybqgoQuk4sf2/JPgWyizM4PvD/Xg==
+=0BwF
 -----END PGP SIGNATURE-----
diff --git a/content/security/CVE-2026-46457.md 
b/content/security/CVE-2026-46457.md
index ceb07acd..c36eeb23 100644
--- a/content/security/CVE-2026-46457.md
+++ b/content/security/CVE-2026-46457.md
@@ -6,7 +6,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-46457
 severity: MEDIUM
-summary: "Apache Camel: Camel-NATS: Inbound NATS message headers are mapped 
into the Exchange without a configured HeaderFilterStrategy, allowing a client 
that can publish to the subject to inject Camel control headers"
+summary: "Camel-NATS: Inbound NATS message headers are mapped into the 
Exchange without a configured HeaderFilterStrategy, allowing a client that can 
publish to the subject to inject Camel control headers"
 description: "The camel-nats component maps inbound NATS message headers into 
the Camel Exchange but defaulted its headerFilterStrategy to a bare new 
DefaultHeaderFilterStrategy() with no inbound rules configured 
(NatsConfiguration). With no inFilter, inFilterPattern or inFilterStartsWith 
set, DefaultHeaderFilterStrategy.applyFilterToExternalHeaders returns not 
filtered for every header name, so NatsConsumer copies every NATS message 
header - including Camel-internal control headers such [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. The fix makes camel-nats default 
to a dedicated NatsHeaderFilterStrategy that filters the Camel header namespace 
case-insensitively on inbound mapping, so client-supplied Camel* / camel* 
headers are no longer copied into [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
diff --git a/content/security/CVE-2026-46457.txt.asc 
b/content/security/CVE-2026-46457.txt.asc
index 44eda380..0edd208a 100644
--- a/content/security/CVE-2026-46457.txt.asc
+++ b/content/security/CVE-2026-46457.txt.asc
@@ -9,7 +9,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-46457
 severity: MEDIUM
-summary: "Apache Camel: Camel-NATS: Inbound NATS message headers are mapped 
into the Exchange without a configured HeaderFilterStrategy, allowing a client 
that can publish to the subject to inject Camel control headers"
+summary: "Camel-NATS: Inbound NATS message headers are mapped into the 
Exchange without a configured HeaderFilterStrategy, allowing a client that can 
publish to the subject to inject Camel control headers"
 description: "The camel-nats component maps inbound NATS message headers into 
the Camel Exchange but defaulted its headerFilterStrategy to a bare new 
DefaultHeaderFilterStrategy() with no inbound rules configured 
(NatsConfiguration). With no inFilter, inFilterPattern or inFilterStartsWith 
set, DefaultHeaderFilterStrategy.applyFilterToExternalHeaders returns not 
filtered for every header name, so NatsConsumer copies every NATS message 
header - including Camel-internal control headers such [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. The fix makes camel-nats default 
to a dedicated NatsHeaderFilterStrategy that filters the Camel header namespace 
case-insensitively on inbound mapping, so client-supplied Camel* / camel* 
headers are no longer copied into [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
@@ -20,12 +20,12 @@ fixed: 4.14.8, 4.18.3 and 4.21.0
 The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23515 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23233 (commit 
be8aad96fa04f81d2b58884e27ba6755c9ad2718) and backported to camel-4.18.x 
(commit 67f7ea7465a1bf637339975c69a82327890e22f0) and camel-4.14.x (commit 
f7022926ca9c1c94866bf32596c9869f424a3b2c). The issue is classified as CWE-20 
(Improper Input Validation). It belongs t [...]
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmovx0kACgkQ406fOAL/
-QQB8aAf/QXfXf5rWo8cQuLMBTT17kUjxZZoV1O0hO4b2l7DoSnh3/3XJ7UcSMvw5
-vrUGZJHSyP6CJkH8JTC603D6xuud/L9zu9v5gK9Lo8fb/VecmHvl+KT7GkPUpDkk
-Qpzm3bZmSveSRfA0NXKPTpQLtJxXmZslg5HR2qux83Ijy7aRSK5mY3+B/uyUxs2W
-9qpf4MBmGpt7grnURud2opDhfCZWvi9a/D8SFiuSZTZthybWWVQ9AOV6e0STrvX0
-nwSSaqqtU0i3j2L3xFFZZnWzUGVLOZy2zzNxMUTSshf26358Wc+wPD1QNKjSLvrO
-Evx24Bsxd+6xemJADqW0RSIDwfOc+g==
-=y/w1
+iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmoyo1gACgkQ406fOAL/
+QQDzTQgAr9BVaoZjAaIwiL4/8uNezA7wVscghYmsDf4Y6w3cOdFLsslmOm0Lfj3k
+01d/e+fy+Asyo3TNOl9/qQ1NC+Zfw+fVOBOiTHh4z9s33hsCROc9I9SQjU3GOawZ
+wXWIs0t5hR/VoPz59CVP9gP90utERQvXdUztYa1PIE+2KO4gkCPeDByUTnrbJ78P
+M091Hvq9CHPkah+VThF9AWvc+EwGzcLu/9718vtqjDEH14r/YzXvFOFHJamiA7Zg
+dq37whL34QCciN7dUF30yNa1lUttQxM5Lf+jwRljQlNyXtwM+s6fRSRhrTLEQK0R
+ZyS4JO+MArhrOdTqpPVPiegFYpD9kQ==
+=mCP5
 -----END PGP SIGNATURE-----
diff --git a/content/security/CVE-2026-46584.md 
b/content/security/CVE-2026-46584.md
index 23e644ef..6023a364 100644
--- a/content/security/CVE-2026-46584.md
+++ b/content/security/CVE-2026-46584.md
@@ -6,7 +6,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-46584
 severity: MEDIUM
-summary: "Apache Camel: Camel-Mail: The mail producer applied 
attacker-supplied mail.smtp.* / mail.smtps.* message headers as JavaMail 
session properties, allowing an attacker to weaken the SMTP transport security 
and, on releases before 4.19.0, redirect the connection and steal the 
configured SMTP credentials"
+summary: "Camel-Mail: The mail producer applied attacker-supplied mail.smtp.* 
/ mail.smtps.* message headers as JavaMail session properties, allowing an 
attacker to weaken the SMTP transport security and, on releases before 4.19.0, 
redirect the connection and steal the configured SMTP credentials"
 description: "The camel-mail producer (MailProducer.getSender) scanned the 
outgoing Exchange for message headers in the mail.smtp. / mail.smtps. namespace 
and, when any were present, built a per-message JavaMail sender with those 
values applied as JavaMail session properties, overriding the endpoint 
configuration. This namespace is Camel-internal - only MailProducer interprets 
it - and was not blocked by any HeaderFilterStrategy, so the values could 
originate from any inbound protocol (f [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. After upgrading, the per-message 
override is disabled by default; enable it only on trusted endpoints with 
useJavaMailSessionPropertiesFromHeaders=true. For deployments that cannot 
upgrade immediately, strip the namespac [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
diff --git a/content/security/CVE-2026-46584.txt.asc 
b/content/security/CVE-2026-46584.txt.asc
index 16888bc4..9051ba15 100644
--- a/content/security/CVE-2026-46584.txt.asc
+++ b/content/security/CVE-2026-46584.txt.asc
@@ -9,7 +9,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-46584
 severity: MEDIUM
-summary: "Apache Camel: Camel-Mail: The mail producer applied 
attacker-supplied mail.smtp.* / mail.smtps.* message headers as JavaMail 
session properties, allowing an attacker to weaken the SMTP transport security 
and, on releases before 4.19.0, redirect the connection and steal the 
configured SMTP credentials"
+summary: "Camel-Mail: The mail producer applied attacker-supplied mail.smtp.* 
/ mail.smtps.* message headers as JavaMail session properties, allowing an 
attacker to weaken the SMTP transport security and, on releases before 4.19.0, 
redirect the connection and steal the configured SMTP credentials"
 description: "The camel-mail producer (MailProducer.getSender) scanned the 
outgoing Exchange for message headers in the mail.smtp. / mail.smtps. namespace 
and, when any were present, built a per-message JavaMail sender with those 
values applied as JavaMail session properties, overriding the endpoint 
configuration. This namespace is Camel-internal - only MailProducer interprets 
it - and was not blocked by any HeaderFilterStrategy, so the values could 
originate from any inbound protocol (f [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. After upgrading, the per-message 
override is disabled by default; enable it only on trusted endpoints with 
useJavaMailSessionPropertiesFromHeaders=true. For deployments that cannot 
upgrade immediately, strip the namespac [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
@@ -20,12 +20,12 @@ fixed: 4.14.8, 4.18.3 and 4.21.0
 The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23522 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23362 (commit 
1e31abca3213cde447a2ded1adc070ffec6836f1) and backported to camel-4.18.x 
(commit 725175e3aa16216361acc8497345f8e00536d2e0) and camel-4.14.x (commit 
2d2815d256068f15d42da3af27fa86fb5efad2ab). The fix gates the per-message 
JavaMail session-property override behind a n [...]
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmovx0kACgkQ406fOAL/
-QQDMJQf9GjkfokoQKuFxNlvSJLF6Y5Y5W/4GOogvmeotH/raojPaMIbG3wx9crKt
-i1LnogtEM8e1+7eUxfNdztrfUIow4T+/2wnSgBdhOaH83oyAZ6sxdXd6eFZn2RFn
-dzotNlQ/ugOff/G7GrBgfQLIJJwdHb8DrJL7RgCidTcv38GdbkaDPsesaI0XS178
-TBhWaENPKcxpPrrPLLKytWvaa7WOFS1DIgBf2RxvtX7aL7YXF5KqxUQeoizjzvhh
-pgGRQSOVT74KoB7fjNewszWXgV0g3kCyeCIbNUHLtkCkgdqMGFvfyHw0OwRvEs4J
-1Gs2pOrjek13YNYkXX/U11s2ZbX0DQ==
-=PmUn
+iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmoyo1gACgkQ406fOAL/
+QQCWgQf/S0l3K+SUkm966JiboPdNMOYbW9M9Ef6GBom6qvuA6JXVGvnGOdjVdcad
++PkVEuwNiCVQV+2n7N0RPr0mWdYz1h23nYMRfa6yG+qFi8kkrBJVHaoDkSmsyXyy
+KhGc/9HO/hzU2LyoopakP/qVPyQUf+VEZt6t3jYSYZk2xq1eSXYEpTtO9U6/tyir
+dqlrIwrQNv1sX0t6j4Qg+FDZ/zbD9T6EKNU3DY21Yb4xwYZ0fIxEsruKH+MA9QC4
+F0L8RLsa930VNuTOGvBR2iTLfmoxIKeGmwDwakR3iT+xlsuDLpduZSX/fp9RcmWC
+D1DExjAuJSXyvXkZjJ0gE2rGT7EHbA==
+=NbvN
 -----END PGP SIGNATURE-----
diff --git a/content/security/CVE-2026-46585.md 
b/content/security/CVE-2026-46585.md
index d230f47b..75206951 100644
--- a/content/security/CVE-2026-46585.md
+++ b/content/security/CVE-2026-46585.md
@@ -6,7 +6,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-46585
 severity: MEDIUM
-summary: "Apache Camel: Camel-Lucene: The query control headers used 
non-Camel-prefixed names (QUERY, RETURN_LUCENE_DOCS) that bypass the HTTP 
header filter, allowing an HTTP client to inject the full-text search query"
+summary: "Camel-Lucene: The query control headers used non-Camel-prefixed 
names (QUERY, RETURN_LUCENE_DOCS) that bypass the HTTP header filter, allowing 
an HTTP client to inject the full-text search query"
 description: "The camel-lucene producer reads the search phrase from an 
Exchange header (LuceneConstants.HEADER_QUERY) whose value was the plain string 
QUERY (and RETURN_LUCENE_DOCS for HEADER_RETURN_LUCENE_DOCS). Because these 
names do not start with the Camel / camel prefix, HttpHeaderFilterStrategy - 
which blocks only the Camel header namespace on the HTTP boundary - let them 
pass from an inbound HTTP request straight into the Exchange. In a route that 
exposes a Lucene query operation [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. After upgrading, routes that set 
the query via the raw header name must use CamelLuceneQuery (and 
CamelLuceneReturnLuceneDocs) instead of QUERY / RETURN_LUCENE_DOCS. For 
deployments that cannot upgrade immediately, strip [...]
 credit: "This issue was discovered by Andrea Cosentino from the Apache 
Software Foundation and Yu Bao from PayPal"
diff --git a/content/security/CVE-2026-46585.txt.asc 
b/content/security/CVE-2026-46585.txt.asc
index 66976542..780bbf1e 100644
--- a/content/security/CVE-2026-46585.txt.asc
+++ b/content/security/CVE-2026-46585.txt.asc
@@ -9,7 +9,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-46585
 severity: MEDIUM
-summary: "Apache Camel: Camel-Lucene: The query control headers used 
non-Camel-prefixed names (QUERY, RETURN_LUCENE_DOCS) that bypass the HTTP 
header filter, allowing an HTTP client to inject the full-text search query"
+summary: "Camel-Lucene: The query control headers used non-Camel-prefixed 
names (QUERY, RETURN_LUCENE_DOCS) that bypass the HTTP header filter, allowing 
an HTTP client to inject the full-text search query"
 description: "The camel-lucene producer reads the search phrase from an 
Exchange header (LuceneConstants.HEADER_QUERY) whose value was the plain string 
QUERY (and RETURN_LUCENE_DOCS for HEADER_RETURN_LUCENE_DOCS). Because these 
names do not start with the Camel / camel prefix, HttpHeaderFilterStrategy - 
which blocks only the Camel header namespace on the HTTP boundary - let them 
pass from an inbound HTTP request straight into the Exchange. In a route that 
exposes a Lucene query operation [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. After upgrading, routes that set 
the query via the raw header name must use CamelLuceneQuery (and 
CamelLuceneReturnLuceneDocs) instead of QUERY / RETURN_LUCENE_DOCS. For 
deployments that cannot upgrade immediately, strip [...]
 credit: "This issue was discovered by Andrea Cosentino from the Apache 
Software Foundation and Yu Bao from PayPal"
@@ -20,12 +20,12 @@ fixed: 4.14.8, 4.18.3 and 4.21.0
 The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23509 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23208 (commit 
878ea07996caff19ed227984bf6cb6cf01983422) and backported to camel-4.18.x 
(commit 16a70d48145605c1a35e909d308bf9e5e2d3e7d8) and camel-4.14.x (commit 
349f197115d60e0c180cf9836e08f4aeb5a87872). The fix renames the camel-lucene 
Exchange header values to the Camel conven [...]
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmovx0kACgkQ406fOAL/
-QQC3GggAnZOT1B4CJk0IS6DqwsJKrl1PTGC6u84vl7R1x6P5Y/c6yurVduLBy4ov
-HXeB1Abkr2NXJr24OTUT3jov5Mwju6wwzrzznukMpPW34rm+9UzyzxyuFRAU4Nw/
-0Ybxx43ixIy4+dOYxVZfIUEmUQ79Hyiy7WMsjFylUFAEeeJ3gEDPDXO21e/KJ2FM
-C9ZY98n9PgLbNeKpYPMEghOf71JVhlWwJTGM57NdeX9bBYPjYJTX3CWuEvAb8AR9
-Q8oPy59r5oiw2WB7JEzvPCPMgnSF06QzqjDl5zkpeGzwK8bYmhlokascvKmxdffK
-qXorC3BLZVsPyD1CCNGRtUwcbXImTQ==
-=AxD0
+iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmoyo1gACgkQ406fOAL/
+QQDWtwf/UgJ/ym2Wp0WlOMtCxKMg2p92cYK+Bj2Awk8LNNqn4qOoHFfoYklvWqL2
+NcL3YzMsxVk1pWlFSiUO8PkGdt9IAqQ0tXM/Ul6fpHS1ykv8k3gsccqfHMfsXKI7
+Uo98rA44sJPbVStBDyTzE+nycRLVnMoZ+u0oNbV9QmQeRHGk3AITGdAkbCxxAOJi
++Ojkmo3en1U32K9NXoikd9cus3uCtBUa6Km3Ub3SUt6ehS/+YsNluN/kzQL95NnC
+eHD6wdQ8qw+usO3CDta3l2UiRWab1CjFAQyfhUr/QRuRizMs61/a1EiMiZ4WFNbn
+YGECEi6Uplcah3pZc8sH74iRE7wR5g==
+=rP0d
 -----END PGP SIGNATURE-----
diff --git a/content/security/CVE-2026-46590.md 
b/content/security/CVE-2026-46590.md
index 9351633a..2d8f98ca 100644
--- a/content/security/CVE-2026-46590.md
+++ b/content/security/CVE-2026-46590.md
@@ -6,7 +6,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-46590
 severity: MEDIUM
-summary: "Apache Camel: Camel-PQC: The HashiCorp Vault and AWS Secrets Manager 
key-lifecycle managers deserialize persisted key metadata with 
java.io.ObjectInputStream and no ObjectInputFilter (incomplete remediation of 
CVE-2026-40048)"
+summary: "Camel-PQC: The HashiCorp Vault and AWS Secrets Manager key-lifecycle 
managers deserialize persisted key metadata with java.io.ObjectInputStream and 
no ObjectInputFilter (incomplete remediation of CVE-2026-40048)"
 description: "The camel-pqc component persists post-quantum key metadata 
(KeyMetadata) through pluggable KeyLifecycleManager implementations. 
HashicorpVaultKeyLifecycleManager and AwsSecretsManagerKeyLifecycleManager read 
that metadata back from the configured secret backend by deserializing a 
Base64-wrapped value with a raw java.io.ObjectInputStream.readObject() and no 
ObjectInputFilter or class allow-list; the cast to KeyMetadata happens only 
after readObject() returns, so any readObje [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.18.x LTS releases stream, then they are 
suggested to upgrade to 4.18.3. For deployments that cannot upgrade 
immediately, restrict write access to the key backend so that only the 
application's own identity can write the camel-pqc secrets (least-privilege 
HashiCorp Vault policies and secretsmanager:PutSecretValue IAM), and keep the 
PQC key material in a backend separate from any d [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
diff --git a/content/security/CVE-2026-46590.txt.asc 
b/content/security/CVE-2026-46590.txt.asc
index 6840499a..d55de300 100644
--- a/content/security/CVE-2026-46590.txt.asc
+++ b/content/security/CVE-2026-46590.txt.asc
@@ -9,7 +9,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-46590
 severity: MEDIUM
-summary: "Apache Camel: Camel-PQC: The HashiCorp Vault and AWS Secrets Manager 
key-lifecycle managers deserialize persisted key metadata with 
java.io.ObjectInputStream and no ObjectInputFilter (incomplete remediation of 
CVE-2026-40048)"
+summary: "Camel-PQC: The HashiCorp Vault and AWS Secrets Manager key-lifecycle 
managers deserialize persisted key metadata with java.io.ObjectInputStream and 
no ObjectInputFilter (incomplete remediation of CVE-2026-40048)"
 description: "The camel-pqc component persists post-quantum key metadata 
(KeyMetadata) through pluggable KeyLifecycleManager implementations. 
HashicorpVaultKeyLifecycleManager and AwsSecretsManagerKeyLifecycleManager read 
that metadata back from the configured secret backend by deserializing a 
Base64-wrapped value with a raw java.io.ObjectInputStream.readObject() and no 
ObjectInputFilter or class allow-list; the cast to KeyMetadata happens only 
after readObject() returns, so any readObje [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.18.x LTS releases stream, then they are 
suggested to upgrade to 4.18.3. For deployments that cannot upgrade 
immediately, restrict write access to the key backend so that only the 
application's own identity can write the camel-pqc secrets (least-privilege 
HashiCorp Vault policies and secretsmanager:PutSecretValue IAM), and keep the 
PQC key material in a backend separate from any d [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
@@ -20,12 +20,12 @@ fixed: 4.18.3 and 4.21.0
 The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23726 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23912 (commit 
feea08e7847f35dc0e177652b0b02bd45f6c1b4f) and backported to camel-4.18.x in 
https://github.com/apache/camel/pull/23914 (commit 
12a9ac3c94d6fda12d16b2c0039db41c6204727e). The fix introduces a shared 
KeyMetadataCodec that stores key metadata as JSON for all three KeyL [...]
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmovx0kACgkQ406fOAL/
-QQD+sAf+L/iA+rSluo6rIJ6RqqWIsOUDKQzDB6XIdWO9WZRoYEuKfZXrUF42pxJS
-WtvDxUDmrf5yTl5T89cVhyE+3QnLV09qgC3A2W8YT5LBh8P7ishODUbaxgi7oY4T
-CB9lXZ/dkMpn/D7uCSmbZW8r6WcNTczJwNd4j77d4yv3S8eEv0/xBkCqQon8xBo+
-q8a7E2fu1ghYP+P6ZayGU2Ir6eDfRjOx/eFMDpj7fIPGxa5CN3dA75n+yT2R5GCp
-d0kuf0ET2cLA0XdA/iY1pIQFw+QflukJGK43z6zyOHR0YSXlBLeCqUo7HWQIxT89
-NfFGcwhw/urpfth1d50gh9MfIgdW+A==
-=gCER
+iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmoyo1kACgkQ406fOAL/
+QQCGzwf9H0cbHjVgdI6XExFXDXAxBvT7iKHOHGjfBNNCDhG4DM6vYe8Hu2ehg1WQ
+hkBEp0WbANHVRLjloHu3HBLuZ/77h53GV8+7pJ1bDza6o+Cfi4PYAz2WtrTEiguN
+aBXqAG2YMtFROMEysnBQWh17BhSLC67z/bX3N8N5CBerA+e1ykuaYI+cntAyXx7h
+aCFVKCJhveWvAt76NA4fHl8NMzdWlepEDPDqd7+m/WPfnYAt5YW6BWJ0/wsY9q+o
+y1BDwCCVJp5sLV9Bl69S/9vYtFvJlP2sGzYdrPPnfP9YU6edGAWVoRiaDEjwsCoR
+KMc2yK0utQvFTMeK0cjucJyyV90UaA==
+=Yo3j
 -----END PGP SIGNATURE-----
diff --git a/content/security/CVE-2026-46591.md 
b/content/security/CVE-2026-46591.md
index 3277c6cd..a22b9a32 100644
--- a/content/security/CVE-2026-46591.md
+++ b/content/security/CVE-2026-46591.md
@@ -6,7 +6,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-46591
 severity: MEDIUM
-summary: "Apache Camel: Camel-Neo4j: JSON property names from the 
CamelNeo4jMatchProperties header are interpolated into the Cypher WHERE clause 
without validation, allowing Cypher injection (incomplete remediation of 
CVE-2025-66169)"
+summary: "Camel-Neo4j: JSON property names from the CamelNeo4jMatchProperties 
header are interpolated into the Cypher WHERE clause without validation, 
allowing Cypher injection (incomplete remediation of CVE-2025-66169)"
 description: "The camel-neo4j producer builds the Cypher WHERE clause for its 
match/retrieve and delete operations from the CamelNeo4jMatchProperties map. 
CVE-2025-66169 addressed Cypher injection through the property values by 
binding them as query parameters ($paramN), but the property names (the JSON 
keys of that map) were still concatenated into the query string verbatim in 
Neo4jProducer.retrieveNodes() and deleteNode(). A property name containing 
Cypher syntax therefore alters the s [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. For deployments that cannot 
upgrade immediately, do not populate the CamelNeo4jMatchProperties map from 
untrusted input: validate or allow-list the property names (for example against 
^[A-Za-z_][A-Za-z0-9_]*$) before the [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
diff --git a/content/security/CVE-2026-46591.txt.asc 
b/content/security/CVE-2026-46591.txt.asc
index 0b0985ac..958a0eec 100644
--- a/content/security/CVE-2026-46591.txt.asc
+++ b/content/security/CVE-2026-46591.txt.asc
@@ -9,7 +9,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-46591
 severity: MEDIUM
-summary: "Apache Camel: Camel-Neo4j: JSON property names from the 
CamelNeo4jMatchProperties header are interpolated into the Cypher WHERE clause 
without validation, allowing Cypher injection (incomplete remediation of 
CVE-2025-66169)"
+summary: "Camel-Neo4j: JSON property names from the CamelNeo4jMatchProperties 
header are interpolated into the Cypher WHERE clause without validation, 
allowing Cypher injection (incomplete remediation of CVE-2025-66169)"
 description: "The camel-neo4j producer builds the Cypher WHERE clause for its 
match/retrieve and delete operations from the CamelNeo4jMatchProperties map. 
CVE-2025-66169 addressed Cypher injection through the property values by 
binding them as query parameters ($paramN), but the property names (the JSON 
keys of that map) were still concatenated into the query string verbatim in 
Neo4jProducer.retrieveNodes() and deleteNode(). A property name containing 
Cypher syntax therefore alters the s [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. For deployments that cannot 
upgrade immediately, do not populate the CamelNeo4jMatchProperties map from 
untrusted input: validate or allow-list the property names (for example against 
^[A-Za-z_][A-Za-z0-9_]*$) before the [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
@@ -20,12 +20,12 @@ fixed: 4.14.8, 4.18.3 and 4.21.0
 The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23528 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23258 (commit 
bb4176fe87dc0cc60a5be37a57b69b8c610c1dd2) and backported to camel-4.18.x 
(commit 865d0b8b99f969e06ec6275b69c72670b5763245) and camel-4.14.x (commit 
7881d949c40befcc602016dcce25a2fb38d070ce). The fix adds strict property-name 
validation (^[A-Za-z_][A-Za-z0-9_]*$) in  [...]
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmovx0kACgkQ406fOAL/
-QQA5IAgAlty0klBH6og4me3Mmzm/JzMTg8H6KjJe+PDsCOVQF5FZvK+47l871njw
-wdekJkAamL20tveC5QDVtg0C0dOmi0fto5DXjDeFmfQNBjS3KAEnWD7tOXdHcz9v
-HKeORiobrI0AEkYRS8Ru6Yo61DNazuMuexS7ebks29Mzd3RWDscbH9ykA+2I3/tV
-0zKdwH1xEWb00Bpu1cOyzZCFbd8lo+J2tEGtZo3wUwWKAJ7p8fRFSDLkpYjA2cux
-Tq65mC3WLlf+NpiidVzWaprnFSUokMIMy13ZeP79pzTmAP9odFclSiqSEC2WlnRX
-H5lOy2ezQeEBoh5bfJqO4hb8guwyJg==
-=h8F6
+iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmoyo1kACgkQ406fOAL/
+QQDkxggAoKtshAwICpr6J9dcH5t9wQpRNJQ3o46n0tQGHQjlv+xnd5NzWHqktW0r
+MX675MKmN+Zkh5tuM/XDg9GBsi5lA/TphnjeoOS7CBwgmUqrUz3n+uXHIqjTjh4t
+lKMVSnuVKZDvufM/Gy5wR/Xuit9eJVpP0fZwnhuYtc71QM0vNXk7PRGwM4NgodlR
+q554/X5EBcZ0P1sPXw1sMDT5DOMEKKvn/A/u2ouGFPbmBpYxFRS1vjohnUXJ4nsB
+9qntHrWbxfC+wmo2qosE8DmJWuaCe3+izEK/QoZVUiRt/FtHF8SArpZIhUqiWdvz
+O7whnEuLgrPGCeS8tviFR+Ki2LxLQQ==
+=OQ8h
 -----END PGP SIGNATURE-----
diff --git a/content/security/CVE-2026-46592.md 
b/content/security/CVE-2026-46592.md
index 696a8996..9a00f8ff 100644
--- a/content/security/CVE-2026-46592.md
+++ b/content/security/CVE-2026-46592.md
@@ -6,7 +6,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-46592
 severity: MEDIUM
-summary: "Apache Camel: Camel-CXF: The SOAP operation-selection headers used 
non-Camel-prefixed names (operationName, operationNamespace) that bypass the 
HTTP header filter, allowing an HTTP client to redirect the invoked SOAP 
operation"
+summary: "Camel-CXF: The SOAP operation-selection headers used 
non-Camel-prefixed names (operationName, operationNamespace) that bypass the 
HTTP header filter, allowing an HTTP client to redirect the invoked SOAP 
operation"
 description: "The camel-cxf producer selects which SOAP operation to invoke on 
the backend service from the operationName (and operationNamespace) Exchange 
header, whose constant values (CxfConstants.OPERATION_NAME / 
OPERATION_NAMESPACE) were the plain strings operationName / operationNamespace. 
Because these names do not start with the Camel / camel prefix, 
HttpHeaderFilterStrategy - which blocks only the Camel header namespace on the 
HTTP boundary - let them pass from an inbound HTTP r [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. After upgrading, the 
operation-selection headers are named CamelCxfOperationName / 
CamelCxfOperationNamespace and are filtered at transport boundaries; see the 
4.21 upgrade guide for the cross-transport carrier-header pa [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
diff --git a/content/security/CVE-2026-46592.txt.asc 
b/content/security/CVE-2026-46592.txt.asc
index f601aed8..f690444a 100644
--- a/content/security/CVE-2026-46592.txt.asc
+++ b/content/security/CVE-2026-46592.txt.asc
@@ -9,7 +9,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-46592
 severity: MEDIUM
-summary: "Apache Camel: Camel-CXF: The SOAP operation-selection headers used 
non-Camel-prefixed names (operationName, operationNamespace) that bypass the 
HTTP header filter, allowing an HTTP client to redirect the invoked SOAP 
operation"
+summary: "Camel-CXF: The SOAP operation-selection headers used 
non-Camel-prefixed names (operationName, operationNamespace) that bypass the 
HTTP header filter, allowing an HTTP client to redirect the invoked SOAP 
operation"
 description: "The camel-cxf producer selects which SOAP operation to invoke on 
the backend service from the operationName (and operationNamespace) Exchange 
header, whose constant values (CxfConstants.OPERATION_NAME / 
OPERATION_NAMESPACE) were the plain strings operationName / operationNamespace. 
Because these names do not start with the Camel / camel prefix, 
HttpHeaderFilterStrategy - which blocks only the Camel header namespace on the 
HTTP boundary - let them pass from an inbound HTTP r [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. After upgrading, the 
operation-selection headers are named CamelCxfOperationName / 
CamelCxfOperationNamespace and are filtered at transport boundaries; see the 
4.21 upgrade guide for the cross-transport carrier-header pa [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
@@ -20,12 +20,12 @@ fixed: 4.14.8, 4.18.3 and 4.21.0
 The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23526 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23326 (commit 
7240570a05687792c95badfa8d11ed2644117230) and backported to camel-4.18.x 
(commit 36a5088b58be38317a8f974ffda2a262fa00b4e4) and camel-4.14.x (commit 
0138da45fc9428172c1585ab4561d42e8868cf49). The fix renames the camel-cxf 
Exchange header values to the Camel conventio [...]
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmovx0kACgkQ406fOAL/
-QQD+rggArX4gV3sZdb1eyOc2dkYmA7GJV4JVa9MdjrFuZy+Tqt9T8eK8D2L5yxld
-kJoajcdMeM/GFsS/BSr3QhoPTGlWd55ViBbW+9tbCFGvqwI1bHZYeQ/vK0sbq1ty
-R20d7xr8cRMy5kKpCrPQEFkH5DsVcysuvmxV44gNzhNrqBEyGXPjHu8VEruu29ss
-sPR5k8yGzmWO4icQ+wheOD/+LxCn8PBOrO/PD5CIYbitFpyg+t7Cz0dvzNXWojn1
-CRRD2L5ypit1ut6JEuneDzqJtuPEtPkXdFmSIZ4J/d5D/lpi8TsT+Jmc/SspiOqG
-TuW6xgWg4Q3oUmOfH+2Og70fACYS9A==
-=ZYJf
+iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmoyo1kACgkQ406fOAL/
+QQDVeQf9HTeVGmeqAnZnmzu2Jt8dm8lm7H6/m6Xec6PkbOKNY1bRh59wKTmwQF3D
+sbESkwgToVtZFYDZl7cysPIMTw+/Puc/Sc2pBf5icJ2qHSXVTZdVuT1imw8Bno5j
+GAcol+qDbvJDzNiQ5GfEHF6dH7Tj0UCmf0zXWYrUw/uKhbgrgx0xcMOzyuC1yLh6
+nd50VKmzViaSISMHRIw9jg4dFsowT5/vIZItzmgSWOWadHoXdmaeoHZjlEIJJKeb
+X8A06fSRXwU9SBOVWBlsZ0h7MkPAntKQZ9wDw1z6P//0HNTQ4PfWz6Wy6rLUd0fB
+jmYwTX1klY9VTerhcz/bfD4EzM2bVQ==
+=vOww
 -----END PGP SIGNATURE-----
diff --git a/content/security/CVE-2026-46726.md 
b/content/security/CVE-2026-46726.md
index 88a55b65..21092240 100644
--- a/content/security/CVE-2026-46726.md
+++ b/content/security/CVE-2026-46726.md
@@ -6,7 +6,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-46726
 severity: HIGH
-summary: "Apache Camel: Camel-Vertx-Websocket, Camel-Atmosphere-Websocket and 
Camel-Iggy: Inbound consumers map externally-supplied parameters into the 
Exchange without a HeaderFilterStrategy, allowing injection of Camel control 
headers - enabling server-side request forgery and disclosure of secrets 
through the vertx-websocket consumer"
+summary: "Camel-Vertx-Websocket, Camel-Atmosphere-Websocket and Camel-Iggy: 
Inbound consumers map externally-supplied parameters into the Exchange without 
a HeaderFilterStrategy, allowing injection of Camel control headers - enabling 
server-side request forgery and disclosure of secrets through the 
vertx-websocket consumer"
 description: "The camel-vertx-websocket consumer mapped inbound WebSocket 
query and path parameters into the Camel Exchange header map without applying 
any HeaderFilterStrategy (VertxWebsocketConsumer.populateExchangeHeaders()). 
Because nothing blocked the Camel header namespace, a client connecting to the 
WebSocket endpoint could set Camel-internal control headers - including 
CamelHttpUri (Exchange.HTTP_URI) - simply by supplying them as query 
parameters. In a route where the WebSocket  [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. The fix makes the affected 
consumers apply a HeaderFilterStrategy that filters the Camel header namespace 
case-insensitively on inbound mapping, so externally-supplied Camel* / camel* 
headers are no longer copied into th [...]
 credit: "This issue was discovered by Kamalpreet Singh"
diff --git a/content/security/CVE-2026-46726.txt.asc 
b/content/security/CVE-2026-46726.txt.asc
index b16ede30..a57d5078 100644
--- a/content/security/CVE-2026-46726.txt.asc
+++ b/content/security/CVE-2026-46726.txt.asc
@@ -9,7 +9,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-46726
 severity: HIGH
-summary: "Apache Camel: Camel-Vertx-Websocket, Camel-Atmosphere-Websocket and 
Camel-Iggy: Inbound consumers map externally-supplied parameters into the 
Exchange without a HeaderFilterStrategy, allowing injection of Camel control 
headers - enabling server-side request forgery and disclosure of secrets 
through the vertx-websocket consumer"
+summary: "Camel-Vertx-Websocket, Camel-Atmosphere-Websocket and Camel-Iggy: 
Inbound consumers map externally-supplied parameters into the Exchange without 
a HeaderFilterStrategy, allowing injection of Camel control headers - enabling 
server-side request forgery and disclosure of secrets through the 
vertx-websocket consumer"
 description: "The camel-vertx-websocket consumer mapped inbound WebSocket 
query and path parameters into the Camel Exchange header map without applying 
any HeaderFilterStrategy (VertxWebsocketConsumer.populateExchangeHeaders()). 
Because nothing blocked the Camel header namespace, a client connecting to the 
WebSocket endpoint could set Camel-internal control headers - including 
CamelHttpUri (Exchange.HTTP_URI) - simply by supplying them as query 
parameters. In a route where the WebSocket  [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. The fix makes the affected 
consumers apply a HeaderFilterStrategy that filters the Camel header namespace 
case-insensitively on inbound mapping, so externally-supplied Camel* / camel* 
headers are no longer copied into th [...]
 credit: "This issue was discovered by Kamalpreet Singh"
@@ -20,12 +20,12 @@ fixed: 4.14.8, 4.18.3 and 4.21.0
 The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23532 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23285 (commit 
1e776238202edb9d98972cff558e12b53e499647) and backported to camel-4.18.x 
(commit 88c43e3af36013585b5483c671950f30e5833a5f) and camel-4.14.x (commit 
508fc15deca97ba373eb3881a00e220eab9ec428). The fix adds a dedicated 
HeaderFilterStrategy to each affected consumer - a [...]
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmovx0kACgkQ406fOAL/
-QQAIJgf/WiofpIpYaklvH5pBAucVW+SVzBoQovo1I6NtZ4aZvAUQ1Tfjb1BNtSjZ
-wbbIwJavaBRhc4an5oDWqL0Z6oBl8yRp1kx8HTx8AqtEbUPzxLEHh9kYEitsMxpG
-Bl3+hMyROt7WEkpqsv83PuiYwknVl8il4KEvp1LkXZcWmKrkGucOlQwt8C1NAWT6
-ZTU68ahWtAfKuVLrpevrFhQ9hr+QWX7KHd7YfFXj7Sx35opvrtDnn7yTUDuUzJGG
-Z3pxd6ceYAEeUgkXhtjGr/qjyj1qkaEaC9eOpsTFg3Bfbxa5RH86tfpJv9Uw0yj9
-sWvI9yHjXVkiqsegQWgUVxXf/ya7lg==
-=q1do
+iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmoyo1kACgkQ406fOAL/
+QQAAogf+Ja+WDUdgK2lM9BATzOZedlWea2hr+L1xWoXLHwBbLU/0HAr9YgRAEk0D
+4TFvTF0W6HxR7nXsCMZZTJOGtQcCfxzJtQlLRJJjotn3njVWqaCuLL+GvRDi5156
+VJnK7GcEqJeGttF9kLZSVlsqxBOqEBgnSUQtfvMQqqEt4Pc4SYYJWohaL934zCVa
+i8CV+v2h4ozR11voFi88H+Exsg8ebk81IGwWOJAmEQAUOgU1WeOvvfdL5k4nRE+a
+SAmEUphHkxzqFNx+z2WPsC3q1CDZl7CaxoB3skihL/ePw2K7pFC0SVs8CaaTQvKE
+DM8A0nejClYGPBlG36wkI8Lk/SmXTQ==
+=W9wM
 -----END PGP SIGNATURE-----
diff --git a/content/security/CVE-2026-48203.md 
b/content/security/CVE-2026-48203.md
index 415a9bb7..5306b9fd 100644
--- a/content/security/CVE-2026-48203.md
+++ b/content/security/CVE-2026-48203.md
@@ -6,7 +6,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-48203
 severity: MEDIUM
-summary: "Apache Camel: Camel-Solr: The SolrParam. and SolrField. Exchange 
header prefixes used non-Camel-prefixed names that bypass the HTTP header 
filter, allowing an HTTP client to inject Solr query parameters (server-side 
request forgery) and document fields"
+summary: "Camel-Solr: The SolrParam. and SolrField. Exchange header prefixes 
used non-Camel-prefixed names that bypass the HTTP header filter, allowing an 
HTTP client to inject Solr query parameters (server-side request forgery) and 
document fields"
 description: "The camel-solr producer copies Exchange message headers whose 
names begin with the SolrParam. prefix into the parameters of the Solr request, 
and headers whose names begin with the SolrField. prefix into the fields of the 
indexed Solr document. The prefix constants (SolrConstants.HEADER_PARAM_PREFIX 
/ HEADER_FIELD_PREFIX) were the plain strings SolrParam. / SolrField.. Because 
these names do not start with the Camel / camel prefix, 
HttpHeaderFilterStrategy - which blocks on [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. After upgrading, routes that set 
Solr parameters or fields via the raw header prefixes must use CamelSolrParam. 
/ CamelSolrField. instead of SolrParam. / SolrField.. For deployments that 
cannot upgrade immediately, strip [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
diff --git a/content/security/CVE-2026-48203.txt.asc 
b/content/security/CVE-2026-48203.txt.asc
index 1099e549..43d84204 100644
--- a/content/security/CVE-2026-48203.txt.asc
+++ b/content/security/CVE-2026-48203.txt.asc
@@ -9,7 +9,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-48203
 severity: MEDIUM
-summary: "Apache Camel: Camel-Solr: The SolrParam. and SolrField. Exchange 
header prefixes used non-Camel-prefixed names that bypass the HTTP header 
filter, allowing an HTTP client to inject Solr query parameters (server-side 
request forgery) and document fields"
+summary: "Camel-Solr: The SolrParam. and SolrField. Exchange header prefixes 
used non-Camel-prefixed names that bypass the HTTP header filter, allowing an 
HTTP client to inject Solr query parameters (server-side request forgery) and 
document fields"
 description: "The camel-solr producer copies Exchange message headers whose 
names begin with the SolrParam. prefix into the parameters of the Solr request, 
and headers whose names begin with the SolrField. prefix into the fields of the 
indexed Solr document. The prefix constants (SolrConstants.HEADER_PARAM_PREFIX 
/ HEADER_FIELD_PREFIX) were the plain strings SolrParam. / SolrField.. Because 
these names do not start with the Camel / camel prefix, 
HttpHeaderFilterStrategy - which blocks on [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. After upgrading, routes that set 
Solr parameters or fields via the raw header prefixes must use CamelSolrParam. 
/ CamelSolrField. instead of SolrParam. / SolrField.. For deployments that 
cannot upgrade immediately, strip [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
@@ -20,12 +20,12 @@ fixed: 4.14.8, 4.18.3 and 4.21.0
 The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23597 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23410 (commit 
4578a9014a6b7a914cf16baf2c5bf62a7b163a88) and backported to camel-4.18.x 
(commit cfc0d51f015b3112eae4ce0968d045f00e95c796) and camel-4.14.x (commit 
f79cbe3f8bc3fe1095d8492e9ef321289451d457). The fix renames the two camel-solr 
Exchange header prefix values to the Cam [...]
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmovx0kACgkQ406fOAL/
-QQCazgf+M4mOhmr6oW5gC6pbgloAhqg+8ICxBb7Ty2GRAfAhM3/5dRR2wn01YHM9
-B3KThK+a/y3PlvBXc5ACvEflBp2DMv4mTGC+f2Cvg151HLxqQp4UJVpTIjwylv+F
-L5VMvazBnVk71Ddhz+wntdm5a+jJgMOORJH5VWibkqK/cpdQMOmI5rnpYjMnBh4/
-5d+UPjEIzEd99+9oFpkTnKaT6nVEJ0VdbrB8U5PzEFgyqI2bzf0GbVVDk/JXlmSW
-nXBckMD0sBUU1aOAaE2fSjTt8+aNbQA1adH39pXGr5Y3hjfFd3udoYgSCU8mKcJE
-fIfGInY4v8QB1zezi3gS68c6blPCYg==
-=rbyf
+iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmoyo1kACgkQ406fOAL/
+QQCbqgf+PlmKuvqCHU81LtrJA+l5ZYlfzl5vcVv6YbQHlyxrTb64FTUp0XIGF6hj
+v3zgdfe08Ois0Tm0skKPke1vYiIdmNNQqEz3kiir8x16F+rylML9tUwhBSIILMp2
+N47Qh9+lfimbP4bOjlYm9+Pbfbizfb2eMTtfcOBhKEym+TVDAsL9CchX8unbhnhg
+yO+yMvww4zyxuvTZh+IhTCZnzQGDDfHZzeTrarxd4PDTBixRKCa1D23brtm0apt5
+kvm3P9uc02aUROhZqr4S7qV7idLtVEzPYu8YpF/PUP63idtiPlYVfye+lGy2UnEJ
+IhuXrOZXqs9lqZx2ScvtOSCMiMnKng==
+=1602
 -----END PGP SIGNATURE-----
diff --git a/content/security/CVE-2026-48204.md 
b/content/security/CVE-2026-48204.md
index 28220e1d..23821275 100644
--- a/content/security/CVE-2026-48204.md
+++ b/content/security/CVE-2026-48204.md
@@ -6,7 +6,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-48204
 severity: MEDIUM
-summary: "Apache Camel: Camel-MongoDB-GridFS: The gridfs.* control headers 
used non-Camel-prefixed names that bypass the HTTP header filter, allowing an 
HTTP client to switch the GridFS operation - including destructive file 
deletion - in the default configuration"
+summary: "Camel-MongoDB-GridFS: The gridfs.* control headers used 
non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP 
client to switch the GridFS operation - including destructive file deletion - 
in the default configuration"
 description: "The camel-mongodb-gridfs producer selects the GridFS operation 
to perform from the gridfs.operation Exchange header when the endpoint's 
operation parameter is not set - which is the default. The control-header 
constants (GridFsConstants.GRIDFS_OPERATION, GRIDFS_OBJECT_ID, GRIDFS_METADATA, 
GRIDFS_CHUNKSIZE, GRIDFS_FILE_ID_PRODUCED) were the plain strings 
gridfs.operation, gridfs.objectid, gridfs.metadata, gridfs.chunksize and 
gridfs.fileid. Because these names do not start w [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. After upgrading, routes that 
drive GridFS operations or metadata via the raw header names must use 
CamelGridFsOperation / CamelGridFsObjectId / CamelGridFsMetadata / 
CamelGridFsChunkSize / CamelGridFsFileId instead of th [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
diff --git a/content/security/CVE-2026-48204.txt.asc 
b/content/security/CVE-2026-48204.txt.asc
index 53e21a78..1333416a 100644
--- a/content/security/CVE-2026-48204.txt.asc
+++ b/content/security/CVE-2026-48204.txt.asc
@@ -9,7 +9,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-48204
 severity: MEDIUM
-summary: "Apache Camel: Camel-MongoDB-GridFS: The gridfs.* control headers 
used non-Camel-prefixed names that bypass the HTTP header filter, allowing an 
HTTP client to switch the GridFS operation - including destructive file 
deletion - in the default configuration"
+summary: "Camel-MongoDB-GridFS: The gridfs.* control headers used 
non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP 
client to switch the GridFS operation - including destructive file deletion - 
in the default configuration"
 description: "The camel-mongodb-gridfs producer selects the GridFS operation 
to perform from the gridfs.operation Exchange header when the endpoint's 
operation parameter is not set - which is the default. The control-header 
constants (GridFsConstants.GRIDFS_OPERATION, GRIDFS_OBJECT_ID, GRIDFS_METADATA, 
GRIDFS_CHUNKSIZE, GRIDFS_FILE_ID_PRODUCED) were the plain strings 
gridfs.operation, gridfs.objectid, gridfs.metadata, gridfs.chunksize and 
gridfs.fileid. Because these names do not start w [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. After upgrading, routes that 
drive GridFS operations or metadata via the raw header names must use 
CamelGridFsOperation / CamelGridFsObjectId / CamelGridFsMetadata / 
CamelGridFsChunkSize / CamelGridFsFileId instead of th [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
@@ -20,12 +20,12 @@ fixed: 4.14.8, 4.18.3 and 4.21.0
 The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23575 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23413 (commit 
8f0b1acfb89867bc28805d8281fa5c70192e2122) and backported to camel-4.18.x 
(commit 054d0c1e6c63f06b1a890c93f24115ee9bd110a8) and camel-4.14.x (commit 
9915ad461dad8f5073782f643557bf1e7ae3bc31). The fix renames the 
camel-mongodb-gridfs Exchange header values to the Came [...]
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmovx0kACgkQ406fOAL/
-QQBy7Qf+PZtbscveQfEM3SNE/x9DisDgrtMZUOdd4X3RwopRdO9zLp5lDn1o+84U
-TiqqxK4j5+3UNtCoZYYB1tSyb/yPSngOfERj6Cd+CVkuu7YY+E9UJmEdrxSrdvk6
-Asn2pV6IlODFQsPAIlcPzQCOaus4p73HFyIMA9KgvTfg5zPwrbtwKz8rxQsxxNFR
-/sqGtGMvoUBjHEyfk4HGChiFbNIC1E+Uq00kol6ryUpdSm9bMFjzgi4xJjwR/EZN
-Llfm5RuB8dJtqfcT977kKNjfqfLsp9PkCcSoO3GtfNxOkSmSPB/VnBjW9SO4MOse
-jXZppx5SOS/A8U9b4Oj3gDLURQ9ixQ==
-=OkJF
+iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmoyo1kACgkQ406fOAL/
+QQAEuQf+J/kkzHk00iOG2uiUCyMcBfjdskhURzAury3AysnAwvSYK6VPVCXx7srU
+kVZUtU4Fknx1lcuG2GoKMpC4fXUWkbIH9DXcPw0K86LqZTCoym2YBHetNOFILwBS
+6Ojf++pGAUENJx/Ue/4UA+acP9OcMqPoaJkh2vfm7TWVw3dy+lLd6VpU0+u5rkwj
+/G/WBkWYQavRQSyxLNdmVdq/NS1HFkI2I70DdzHv1+98RiypJkjjm3aMj2aVaYGg
+OJt3MnDgKcoAaxDb+BFYj8QnFtbaqjK2Cov3ZQetVJ/v5OYMCYuEju+EGiQjzrOj
+lI7LmauH0dY/KPYpR/p5TbfFhGKHAQ==
+=S1b8
 -----END PGP SIGNATURE-----
diff --git a/content/security/CVE-2026-48205.md 
b/content/security/CVE-2026-48205.md
index 7015ddb9..0c42f054 100644
--- a/content/security/CVE-2026-48205.md
+++ b/content/security/CVE-2026-48205.md
@@ -6,7 +6,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-48205
 severity: MEDIUM
-summary: "Apache Camel: Camel-DNS: The dns.* and term Exchange header 
constants used non-Camel-prefixed names that bypass the HTTP header filter, 
allowing an HTTP client to redirect DNS queries to an attacker-controlled 
server (server-side request forgery) and enumerate internal hostnames"
+summary: "Camel-DNS: The dns.* and term Exchange header constants used 
non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP 
client to redirect DNS queries to an attacker-controlled server (server-side 
request forgery) and enumerate internal hostnames"
 description: "The camel-dns producers read DNS operation parameters - the 
resolver to query, the name or domain to look up, the record type and class, 
and the search term - from Exchange message headers whose constant values 
(DnsConstants.DNS_SERVER, DNS_NAME, DNS_DOMAIN, DNS_TYPE, DNS_CLASS, TERM) were 
the plain strings dns.server, dns.name, dns.domain, dns.type, dns.class and 
term. Because these names do not start with the Camel / camel prefix, 
HttpHeaderFilterStrategy - which blocks o [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. After upgrading, routes that 
drive DNS operations via the raw header names must use CamelDnsServer / 
CamelDnsName / CamelDnsDomain / CamelDnsType / CamelDnsClass / CamelDnsTerm 
instead of the dns.* / term names. For depl [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
diff --git a/content/security/CVE-2026-48205.txt.asc 
b/content/security/CVE-2026-48205.txt.asc
index 575069e2..60a7fab2 100644
--- a/content/security/CVE-2026-48205.txt.asc
+++ b/content/security/CVE-2026-48205.txt.asc
@@ -9,7 +9,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-48205
 severity: MEDIUM
-summary: "Apache Camel: Camel-DNS: The dns.* and term Exchange header 
constants used non-Camel-prefixed names that bypass the HTTP header filter, 
allowing an HTTP client to redirect DNS queries to an attacker-controlled 
server (server-side request forgery) and enumerate internal hostnames"
+summary: "Camel-DNS: The dns.* and term Exchange header constants used 
non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP 
client to redirect DNS queries to an attacker-controlled server (server-side 
request forgery) and enumerate internal hostnames"
 description: "The camel-dns producers read DNS operation parameters - the 
resolver to query, the name or domain to look up, the record type and class, 
and the search term - from Exchange message headers whose constant values 
(DnsConstants.DNS_SERVER, DNS_NAME, DNS_DOMAIN, DNS_TYPE, DNS_CLASS, TERM) were 
the plain strings dns.server, dns.name, dns.domain, dns.type, dns.class and 
term. Because these names do not start with the Camel / camel prefix, 
HttpHeaderFilterStrategy - which blocks o [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. After upgrading, routes that 
drive DNS operations via the raw header names must use CamelDnsServer / 
CamelDnsName / CamelDnsDomain / CamelDnsType / CamelDnsClass / CamelDnsTerm 
instead of the dns.* / term names. For depl [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
@@ -20,12 +20,12 @@ fixed: 4.14.8, 4.18.3 and 4.21.0
 The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23574 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23411 (commit 
bdd40cf23f2b22cd293ddad319069a7b3b3c6c70) and backported to camel-4.18.x 
(commit 29b18beaf1fb07276de909b8e19cd87f01e8abd9) and camel-4.14.x (commit 
a6d8a44684c0116531e70ad8eb8bb37bd5601e98). The fix renames the camel-dns 
Exchange header values to the Camel conventio [...]
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmovx0kACgkQ406fOAL/
-QQCD9gf+J/fqPgskztbdjzddPWby3VCX5r+vOKXjh48+ptMUFk3+0XUd2jFyAfn6
-ddH/FZa/72L5j01cqps53IL4s8v6bOySG6FIQXO36W/HOe5ASkSR4ldsGC4NAMyH
-keX3tLpeq0zHaBHPkCAWduD2ztfbYoYdaZPZy2baY+T7f8mF3UNd8KKEeK5+0w8W
-ZV5vHxMo+zQNL3dSmfx0fPB7Xf1rk40o+V1BAe3EbiY3uCrA92hX0Nd5emreK20o
-GLcDioVMIjRRP77IDs7err9WPkFbMnz2mCSeIgTy6eemw0I0VM+E6vQt4BfgkrqT
-gfybnZ9zf1im0CjoXGwhA/YZsi4igw==
-=XlBd
+iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmoyo1kACgkQ406fOAL/
+QQAI+wf8CUBqI73Z4Q/95BdsZVo5jqZiHEQXsMraGXC2VXv0caOBWZ415lEBUXj3
+tk7zpTwyW/YhybtwkXrCZOc1alJfY6DI2cJCjUW9EXf7UvG32zipgtMdLizVo+i4
+kXfcqrXC6t5dc/xqD9ydSli0Tvqwv9F8wzJxRZGRoGZuq3ehdY6MT2brjYS11Z48
+8KlNFmk0kKh5cnHw2vJRn/GM1B0BPRhmjaUfqRS/6GxohdCO7vP7Szi1CmooI5RD
+c1mfBTZquYCpQxreI3TTVu1mR2p0cLz/iSTxGLhSgm+hs4PCGPMpFATzAyDfR40H
+yj5gkGpg1yTNHa9G8MriiW6HFartVQ==
+=JCqR
 -----END PGP SIGNATURE-----
diff --git a/content/security/CVE-2026-48206.md 
b/content/security/CVE-2026-48206.md
index b210eb90..81529817 100644
--- a/content/security/CVE-2026-48206.md
+++ b/content/security/CVE-2026-48206.md
@@ -6,7 +6,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-48206
 severity: MEDIUM
-summary: "Apache Camel: Camel-JIRA: A set of non-Camel-prefixed Exchange 
header constants (IssueKey, ProjectKey, IssueTransitionId, ...) bypass the HTTP 
header filter, allowing an HTTP client to drive arbitrary JIRA issue operations 
using the endpoint's configured credentials"
+summary: "Camel-JIRA: A set of non-Camel-prefixed Exchange header constants 
(IssueKey, ProjectKey, IssueTransitionId, ...) bypass the HTTP header filter, 
allowing an HTTP client to drive arbitrary JIRA issue operations using the 
endpoint's configured credentials"
 description: "The camel-jira producers read their operation parameters - the 
issue key, project key, transition id, summary, type, assignee, components, 
watchers, link type, work-log minutes and others - from Exchange message 
headers. The header constants defined in JiraConstants (for example ISSUE_KEY = 
IssueKey, ISSUE_PROJECT_KEY = ProjectKey, ISSUE_TRANSITION_ID = 
IssueTransitionId, LINK_TYPE = linkType) used plain, non-Camel-prefixed values. 
Because these names do not start with the  [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. After upgrading, routes that 
drive JIRA operations via the raw header names must use the CamelJira* names 
(for example CamelJiraIssueKey) instead of the old values. For deployments that 
cannot upgrade immediately, strip  [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
diff --git a/content/security/CVE-2026-48206.txt.asc 
b/content/security/CVE-2026-48206.txt.asc
index b2989423..9165462e 100644
--- a/content/security/CVE-2026-48206.txt.asc
+++ b/content/security/CVE-2026-48206.txt.asc
@@ -9,7 +9,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-48206
 severity: MEDIUM
-summary: "Apache Camel: Camel-JIRA: A set of non-Camel-prefixed Exchange 
header constants (IssueKey, ProjectKey, IssueTransitionId, ...) bypass the HTTP 
header filter, allowing an HTTP client to drive arbitrary JIRA issue operations 
using the endpoint's configured credentials"
+summary: "Camel-JIRA: A set of non-Camel-prefixed Exchange header constants 
(IssueKey, ProjectKey, IssueTransitionId, ...) bypass the HTTP header filter, 
allowing an HTTP client to drive arbitrary JIRA issue operations using the 
endpoint's configured credentials"
 description: "The camel-jira producers read their operation parameters - the 
issue key, project key, transition id, summary, type, assignee, components, 
watchers, link type, work-log minutes and others - from Exchange message 
headers. The header constants defined in JiraConstants (for example ISSUE_KEY = 
IssueKey, ISSUE_PROJECT_KEY = ProjectKey, ISSUE_TRANSITION_ID = 
IssueTransitionId, LINK_TYPE = linkType) used plain, non-Camel-prefixed values. 
Because these names do not start with the  [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. After upgrading, routes that 
drive JIRA operations via the raw header names must use the CamelJira* names 
(for example CamelJiraIssueKey) instead of the old values. For deployments that 
cannot upgrade immediately, strip  [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
@@ -20,12 +20,12 @@ fixed: 4.14.8, 4.18.3 and 4.21.0
 The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23576 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23417 (commit 
3240a174a3707ba2b1d893c4ac0880829e0c9233) and backported to camel-4.18.x 
(commit 024704f95f16d1260304054088fa0b34acb57ebf) and camel-4.14.x (commit 
6863ea624605ab3fa8827c43a4c5df333f767dc4). The fix renames the camel-jira 
Exchange header constant values to the Camel [...]
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmovx0kACgkQ406fOAL/
-QQAAuggArugs/6V+nI9LE0vFZajL+mLLpH+6xzPTWwVMGLBEiehpTn7DPGbMfLrq
-5s2MZHhnr3Mk5EC2ZZtCBKUlbiECLiSR2v0hLFt58FJMjGY6oubYOYOyFhroZvjP
-pq20roznx2oFcOWm9XEK9DN1CynNgpteWi0KKDUYQdK6pfSSvGgAKNl+he7RFgz9
-SuDXEGvNKx0PtUZms4sEWPPYhH2wykSqLvVpDVB95o1LeVc13ngp0kODKIcz9tpD
-gpUR2v6mu80qLd3ZpmYL/zEjIhMB7Ewxq/1Rq/on1LdcCibrPMYreI3r9uVmUorZ
-EUPO+IHUdPUPK0Ufy84VtaQt2oQd/A==
-=WyJi
+iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmoyo1kACgkQ406fOAL/
+QQAAWggArGiFTZLearV5i6RKE0SJQWxVMiBrdMXg5PSpmrilDj3gNcHAhwOesjn3
+aqBde/Q2P9X+VnJF7h9x+nRvY8d6uXp9iIdM3OqMmFPi9vAu61QY3aFGIGE0/DIx
+VhFQyb1HhWQXJ/G6imPXBZVjidn16W+53NTiaq5aYLLxxTFsYLI0EtLTsfzteIQV
+m59PRaQXoS0jq+v5TbUBigYkyAYZpC1DbzJnImmeNVelFijU2/BN5vl4B/X07mXD
+0skuClM3r8VFe4MNGJ83PpsDptuFFnGkmGgtd1V/xNbtbvTu1e8rwJyZEqkSDIO/
+zbSCRyClKwWOXKPEdXrMtfBVkBQpjg==
+=H+Le
 -----END PGP SIGNATURE-----
diff --git a/content/security/CVE-2026-49086.md 
b/content/security/CVE-2026-49086.md
index 35a312ba..6b116a35 100644
--- a/content/security/CVE-2026-49086.md
+++ b/content/security/CVE-2026-49086.md
@@ -6,7 +6,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-49086
 severity: MEDIUM
-summary: "Apache Camel: Camel-Dapr: The Dapr Pub/Sub consumer copied the 
inbound CloudEvent's pub/sub-name and topic into producer-direction routing 
headers, allowing an actor who can publish to the subscribed topic to redirect 
the re-published message to an arbitrary Dapr Pub/Sub component and topic"
+summary: "Camel-Dapr: The Dapr Pub/Sub consumer copied the inbound 
CloudEvent's pub/sub-name and topic into producer-direction routing headers, 
allowing an actor who can publish to the subscribed topic to redirect the 
re-published message to an arbitrary Dapr Pub/Sub component and topic"
 description: "The camel-dapr Dapr Pub/Sub consumer (DaprPubSubConsumer) copied 
two fields from each inbound CloudEvent - its Pub/Sub component name and its 
topic - into the CamelDaprPubSubName and CamelDaprTopic Exchange headers. These 
two headers are producer-direction routing headers: when the route republishes 
through a Dapr producer, DaprConfigurationOptionsProxy reads them back and 
prefers them over the destination configured on the endpoint. As a result, in a 
route that consumes fr [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. For deployments that cannot 
upgrade immediately, remove the CamelDaprPubSubName and CamelDaprTopic headers 
from the Exchange between the Dapr consumer and any Dapr producer in the route 
(for example removeHeaders('CamelD [...]
 credit: "This issue was discovered by Leon Zlobecki"
diff --git a/content/security/CVE-2026-49086.txt.asc 
b/content/security/CVE-2026-49086.txt.asc
index 41fc06d8..1a5b0a8c 100644
--- a/content/security/CVE-2026-49086.txt.asc
+++ b/content/security/CVE-2026-49086.txt.asc
@@ -9,7 +9,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-49086
 severity: MEDIUM
-summary: "Apache Camel: Camel-Dapr: The Dapr Pub/Sub consumer copied the 
inbound CloudEvent's pub/sub-name and topic into producer-direction routing 
headers, allowing an actor who can publish to the subscribed topic to redirect 
the re-published message to an arbitrary Dapr Pub/Sub component and topic"
+summary: "Camel-Dapr: The Dapr Pub/Sub consumer copied the inbound 
CloudEvent's pub/sub-name and topic into producer-direction routing headers, 
allowing an actor who can publish to the subscribed topic to redirect the 
re-published message to an arbitrary Dapr Pub/Sub component and topic"
 description: "The camel-dapr Dapr Pub/Sub consumer (DaprPubSubConsumer) copied 
two fields from each inbound CloudEvent - its Pub/Sub component name and its 
topic - into the CamelDaprPubSubName and CamelDaprTopic Exchange headers. These 
two headers are producer-direction routing headers: when the route republishes 
through a Dapr producer, DaprConfigurationOptionsProxy reads them back and 
prefers them over the destination configured on the endpoint. As a result, in a 
route that consumes fr [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. For deployments that cannot 
upgrade immediately, remove the CamelDaprPubSubName and CamelDaprTopic headers 
from the Exchange between the Dapr consumer and any Dapr producer in the route 
(for example removeHeaders('CamelD [...]
 credit: "This issue was discovered by Leon Zlobecki"
@@ -20,12 +20,12 @@ fixed: 4.14.8, 4.18.3 and 4.21.0
 The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23630 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23886 (commit 
72d13bd13fb5960ea1b367a2e379f017c1720c5c) and backported to camel-4.18.x 
(commit 86276a2ccc2cf8b09d7efeb38d9770845c4e1bea) and camel-4.14.x (commit 
c6fc9bb21670e5c65ea14df0f3f29baef78c2028). The fix stops DaprPubSubConsumer 
from setting the CamelDaprPubSubName and C [...]
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmovx0kACgkQ406fOAL/
-QQDcOQf/XURbbo0M6RbY17t6YywJtv+bXQD/yvqYqo15SsvAGq03oheNuPGopZiP
-EEQn5LXXvilZcBaCMUdgZY009ccrcI0viGyRpyF+B4xOXBCJPkwIjR6vLeCnc0Ju
-Ad8sg3kuIWd7eEntsTKiYEf6HaRh6YufJtawGgrWlYW7I/zXXJCy1YQ29eEszrZu
-OIO31coxoGXhZooYZ22QDVhb+lCx2xsyozk3v2vuHp1SOQ8TI9rE6oIll8SSDCx1
-3FCTdjFOAnQ2PqUZvhjbSkcrQXvzLDgGb9Lwe8rJlkuCmYUfwyQ9JZ8SBHmBTNb0
-JvT2NnhC3JN2RrMIhR3rxW2IO8Fu+w==
-=ANY3
+iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmoyo1kACgkQ406fOAL/
+QQDlUAgAmXAvFi+Os5eLROQrocUtndaF+tWK6+eNVpQAeaFvJMzD+BUeM4Iq1Yjx
+2Qq4aUTO1eFlUUZ9PQoFU62tvNx97N87Vzs5TY9i9p2nSc5hY/wX5nJkAe7ioCRZ
+UI9YbDEYIkvCVZWVslNZYN3zFPPyYPW5MQtEsKT9MS6uBVN029GMoRS+V+07VoSO
+QqmkCxhtqODv5HtdJHN/+MG9B8JHfnvoyP4o39ed5Bynw2kb96+CDIxY93qXjoyh
+9xv6xZJpQA/UkWUCvbkSoKqHCu6+SZ4mCpIbWBNMmXQcRvYanSedVE1ncxTQ9PKZ
+Slw6M3B77c2UsKGrvsM2IqBxxK94OQ==
+=FNf/
 -----END PGP SIGNATURE-----
diff --git a/content/security/CVE-2026-49097.md 
b/content/security/CVE-2026-49097.md
index c8acc06a..02ed7682 100644
--- a/content/security/CVE-2026-49097.md
+++ b/content/security/CVE-2026-49097.md
@@ -6,7 +6,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-49097
 severity: MEDIUM
-summary: "Apache Camel: Camel-IRC: The irc.sendTo (and other irc.*) Exchange 
header constants used non-Camel-prefixed names that bypass the HTTP header 
filter, allowing an HTTP client to redirect outgoing IRC messages to arbitrary 
channels or users"
+summary: "Camel-IRC: The irc.sendTo (and other irc.*) Exchange header 
constants used non-Camel-prefixed names that bypass the HTTP header filter, 
allowing an HTTP client to redirect outgoing IRC messages to arbitrary channels 
or users"
 description: "The camel-irc producer chooses the destination of an outgoing 
IRC message from the irc.sendTo Exchange header (the constant 
IrcConstants.IRC_SEND_TO, value irc.sendTo); when that header is present it 
overrides the channel list configured on the endpoint, and the message is sent 
only to the specified destination. This and the component's other control 
headers (irc.target, irc.messageType, irc.user.*, irc.num, irc.value) used 
plain, non-Camel-prefixed values. Because these na [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. After upgrading, routes that set 
IRC headers via the raw header names must use the CamelIrc* names (for example 
CamelIrcSendTo) instead of the old irc.* values. For deployments that cannot 
upgrade immediately, strip the  [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
diff --git a/content/security/CVE-2026-49097.txt.asc 
b/content/security/CVE-2026-49097.txt.asc
index 903eb459..e1432c58 100644
--- a/content/security/CVE-2026-49097.txt.asc
+++ b/content/security/CVE-2026-49097.txt.asc
@@ -9,7 +9,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-49097
 severity: MEDIUM
-summary: "Apache Camel: Camel-IRC: The irc.sendTo (and other irc.*) Exchange 
header constants used non-Camel-prefixed names that bypass the HTTP header 
filter, allowing an HTTP client to redirect outgoing IRC messages to arbitrary 
channels or users"
+summary: "Camel-IRC: The irc.sendTo (and other irc.*) Exchange header 
constants used non-Camel-prefixed names that bypass the HTTP header filter, 
allowing an HTTP client to redirect outgoing IRC messages to arbitrary channels 
or users"
 description: "The camel-irc producer chooses the destination of an outgoing 
IRC message from the irc.sendTo Exchange header (the constant 
IrcConstants.IRC_SEND_TO, value irc.sendTo); when that header is present it 
overrides the channel list configured on the endpoint, and the message is sent 
only to the specified destination. This and the component's other control 
headers (irc.target, irc.messageType, irc.user.*, irc.num, irc.value) used 
plain, non-Camel-prefixed values. Because these na [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. After upgrading, routes that set 
IRC headers via the raw header names must use the CamelIrc* names (for example 
CamelIrcSendTo) instead of the old irc.* values. For deployments that cannot 
upgrade immediately, strip the  [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
@@ -20,12 +20,12 @@ fixed: 4.14.8, 4.18.3 and 4.21.0
 The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23629 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23594 (commit 
0be886bf433c718abe4a27498245f6898366fb0c) and backported to camel-4.18.x 
(commit 2959633a6dd51a9736a9efaedaa843548fcd2d3e) and camel-4.14.x (commit 
18b64b47fda68b15f4eb9f7ce8148c8b9ec819a0). The fix renames the 10 camel-irc 
Exchange header constant values to the Cam [...]
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmovx0oACgkQ406fOAL/
-QQDuCQf9Gj5KnDvf5fPPTMs3R6HNEAFL8BHoObf2A4GJ8T1NxeHTXq6TFWZoUUGP
-kzdThKfMaqAeXzZ48yWLNSPkD+NXs3iyPhBuz3UNX2vva+cZpMkxSQd7rcaUI/+p
-5yhIhiB9E23dXolg/StV2qv9JyTj1onQQSu2yQA/RRUiYMPALav0wEkJBbBdpEHJ
-0+HqarYFHRUXBXixrX2dboCokhe6OTp5AWKwk69LZlM8GgvYSaBEJsWvPWsqODLv
-4iM3hNKPbxIIZ0wFbe3y4VG6E9pF0xebQMR0XEpphJosnls1n5129bSiMLvYMZfm
-ZwY4huCmw7KVWDv7nExj2KBzRjRcXA==
-=I/Ri
+iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmoyo1kACgkQ406fOAL/
+QQDiWAf9EQhsxuSIT4gEfzbuBc+D/lcuVD65A4cB4TTRdvWAndeM6gPX3w8V9nHh
+GVzdw57QmLo5DjbyMoEOLfrPSyy2CAPXSXgf1aINxWBYjSg+rdbK21kf0FvwQmLt
+9FAngH8+7cp2Ga1HhW5GmJjb0pty3rwcT8Suz+N7TdYjyR+1aIBpn9F8KyWL9MtG
+y7FVEa7ar/yw8Z32Viq9x3ceDxS4qQtfTahdr3+sm+RPazXnc0h3IzFqhI/J8Tfu
+6GnKxKiILrtXSdJz+SE8WwyDFLpclrToykwgNJELB1hSlNu/TGPRx9J58oJ3dADj
+OFvbTmSn4egIX+h/ph0R6790ef/Iqw==
+=hD2S
 -----END PGP SIGNATURE-----
diff --git a/content/security/CVE-2026-49098.md 
b/content/security/CVE-2026-49098.md
index 5dea81c4..12f04ae0 100644
--- a/content/security/CVE-2026-49098.md
+++ b/content/security/CVE-2026-49098.md
@@ -6,7 +6,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-49098
 severity: MEDIUM
-summary: "Apache Camel: Camel-Kafka: The kafka.OVERRIDE_TOPIC (and other 
kafka.*) Exchange header constants used non-Camel-prefixed names that bypass 
the upstream HTTP header filter, allowing an HTTP client to redirect Kafka 
messages to an arbitrary topic"
+summary: "Camel-Kafka: The kafka.OVERRIDE_TOPIC (and other kafka.*) Exchange 
header constants used non-Camel-prefixed names that bypass the upstream HTTP 
header filter, allowing an HTTP client to redirect Kafka messages to an 
arbitrary topic"
 description: "The camel-kafka producer can override its configured target 
topic at runtime from the kafka.OVERRIDE_TOPIC Exchange header: 
KafkaProducer.evaluateTopic() returns the header value in preference to the 
topic configured on the endpoint. The control-header constants in 
KafkaConstants (for example OVERRIDE_TOPIC = kafka.OVERRIDE_TOPIC, 
OVERRIDE_TIMESTAMP = kafka.OVERRIDE_TIMESTAMP, PARTITION_KEY = 
kafka.PARTITION_KEY) used plain, non-Camel-prefixed values. camel-kafka's own 
Kafk [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. After upgrading, routes that set 
or read Kafka headers via the raw header names must use the CamelKafka* names 
(for example CamelKafkaOverrideTopic and CamelKafkaTopic) instead of the old 
kafka.* values. For deployments  [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
diff --git a/content/security/CVE-2026-49098.txt.asc 
b/content/security/CVE-2026-49098.txt.asc
index f2ab508b..24324731 100644
--- a/content/security/CVE-2026-49098.txt.asc
+++ b/content/security/CVE-2026-49098.txt.asc
@@ -9,7 +9,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-49098
 severity: MEDIUM
-summary: "Apache Camel: Camel-Kafka: The kafka.OVERRIDE_TOPIC (and other 
kafka.*) Exchange header constants used non-Camel-prefixed names that bypass 
the upstream HTTP header filter, allowing an HTTP client to redirect Kafka 
messages to an arbitrary topic"
+summary: "Camel-Kafka: The kafka.OVERRIDE_TOPIC (and other kafka.*) Exchange 
header constants used non-Camel-prefixed names that bypass the upstream HTTP 
header filter, allowing an HTTP client to redirect Kafka messages to an 
arbitrary topic"
 description: "The camel-kafka producer can override its configured target 
topic at runtime from the kafka.OVERRIDE_TOPIC Exchange header: 
KafkaProducer.evaluateTopic() returns the header value in preference to the 
topic configured on the endpoint. The control-header constants in 
KafkaConstants (for example OVERRIDE_TOPIC = kafka.OVERRIDE_TOPIC, 
OVERRIDE_TIMESTAMP = kafka.OVERRIDE_TIMESTAMP, PARTITION_KEY = 
kafka.PARTITION_KEY) used plain, non-Camel-prefixed values. camel-kafka's own 
Kafk [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. After upgrading, routes that set 
or read Kafka headers via the raw header names must use the CamelKafka* names 
(for example CamelKafkaOverrideTopic and CamelKafkaTopic) instead of the old 
kafka.* values. For deployments  [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
@@ -20,12 +20,12 @@ fixed: 4.14.8, 4.18.3 and 4.21.0
 The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23584 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23602 (commit 
f8914a219ad473811c01562b5b85e83ba583b583) and backported to camel-4.18.x 
(commit d4c6fd85358b65d99dfe26722278eaf35fd0029c) and camel-4.14.x (commit 
93cd4c4e1d1619d71aa9b56c3850d4d6ccd74375). The fix renames the 12 camel-kafka 
Exchange header constant values to the C [...]
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmovx0oACgkQ406fOAL/
-QQAt3wgAiRhZNMcqGhsNaH9HVoItAlLFICq7uVMJr9IT5LP4m8DxFiV+8oTiqVug
-lA875ipallERiQ6M519jOpjZsBoxUCoS7KSnE1lI2M1R7Evtzp+U0Rv5ybk568xx
-4d+yH2XEmmm9Cz89/oeDSbjz90cY5rYE/K0fB4XRC1pJt4n6YvxtHteyhZtj+nQE
-WoHSbWOLfZi+AUAGVGZbL5yeZLyR+g7uvalc4VZ5kEIInlHOjxy2eeKJMIdFUip0
-jtspCK/qgVK71XfS6eCiRh8HssiB7UjtvuaO7cCNelmx1+aBuyQ2HWxwazSloYt4
-VmTEw1IOPOWAiadJFG4Ps8s2BhZbjg==
-=dgKG
+iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmoyo1kACgkQ406fOAL/
+QQA28Af/fUBaWQTiTJCEQXQOXHRaCzNFu6F1JPm+G4V9P6kPUEZRzedz4DJ8o7Zm
+KitWhcgb0l5IoPhZtltcwvSXsCIOaKKUJtry7tARM3up2Y1+0tGcQhYsIfg171QA
+32gPl9lP2s88JLLi6lGPxuhIi5Hfxfi7vEF7sXFR/npWjUTnTKPinQfIbUXjtblh
+jfreUQDLz9j+vmj0wbsydJfEOQ/KS9Eh847NHayMVdudIDJmreYh16v3H8Ijy90M
+hDBTozr8PZcL9zJEbhvhiFhl8aqwOzypbOJ0kd+f/hBtgUAcCkjCDVpB5qoF/Mvb
+TqzCKrbWjD+5yDae/Fhq96hsufWwTw==
+=pjR7
 -----END PGP SIGNATURE-----
diff --git a/content/security/CVE-2026-49099.md 
b/content/security/CVE-2026-49099.md
index e990baea..4fa6d790 100644
--- a/content/security/CVE-2026-49099.md
+++ b/content/security/CVE-2026-49099.md
@@ -6,7 +6,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-49099
 severity: MEDIUM
-summary: "Apache Camel: Camel-Salesforce: Non-Camel-prefixed Exchange header 
constants (sObjectQuery, sObjectSearch, apexUrl, ...) bypass the HTTP header 
filter, allowing an HTTP client to inject SOQL/SOSL queries, override the 
target SObject, and redirect Apex REST calls using the connected Salesforce 
user's permissions"
+summary: "Camel-Salesforce: Non-Camel-prefixed Exchange header constants 
(sObjectQuery, sObjectSearch, apexUrl, ...) bypass the HTTP header filter, 
allowing an HTTP client to inject SOQL/SOSL queries, override the target 
SObject, and redirect Apex REST calls using the connected Salesforce user's 
permissions"
 description: "The camel-salesforce producer resolves its operation parameters 
- the SOQL query, the SOSL search, the target SObject name and id, the Apex 
REST URL and method, and the Apex query parameters - from Exchange message 
headers, reading the header in preference to the value configured on the 
endpoint (AbstractSalesforceProcessor.getParameter() reads the header first and 
uses the endpoint configuration only as a fallback). The control-header 
constants in SalesforceEndpointConfig  [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. After upgrading, routes that set 
Salesforce operation parameters via the raw header names must use the 
CamelSalesforce* names (for example CamelSalesforceSObjectQuery and 
CamelSalesforceApexUrl) instead of the old sObjec [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
diff --git a/content/security/CVE-2026-49099.txt.asc 
b/content/security/CVE-2026-49099.txt.asc
index 1abacec3..ac5621bd 100644
--- a/content/security/CVE-2026-49099.txt.asc
+++ b/content/security/CVE-2026-49099.txt.asc
@@ -9,7 +9,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-49099
 severity: MEDIUM
-summary: "Apache Camel: Camel-Salesforce: Non-Camel-prefixed Exchange header 
constants (sObjectQuery, sObjectSearch, apexUrl, ...) bypass the HTTP header 
filter, allowing an HTTP client to inject SOQL/SOSL queries, override the 
target SObject, and redirect Apex REST calls using the connected Salesforce 
user's permissions"
+summary: "Camel-Salesforce: Non-Camel-prefixed Exchange header constants 
(sObjectQuery, sObjectSearch, apexUrl, ...) bypass the HTTP header filter, 
allowing an HTTP client to inject SOQL/SOSL queries, override the target 
SObject, and redirect Apex REST calls using the connected Salesforce user's 
permissions"
 description: "The camel-salesforce producer resolves its operation parameters 
- the SOQL query, the SOSL search, the target SObject name and id, the Apex 
REST URL and method, and the Apex query parameters - from Exchange message 
headers, reading the header in preference to the value configured on the 
endpoint (AbstractSalesforceProcessor.getParameter() reads the header first and 
uses the endpoint configuration only as a fallback). The control-header 
constants in SalesforceEndpointConfig  [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. After upgrading, routes that set 
Salesforce operation parameters via the raw header names must use the 
CamelSalesforce* names (for example CamelSalesforceSObjectQuery and 
CamelSalesforceApexUrl) instead of the old sObjec [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
@@ -20,12 +20,12 @@ fixed: 4.14.8, 4.18.3 and 4.21.0
 The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23716 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23887 (commit 
3445c57e147da12ccfdde066c06ec5492d8c262b) and backported to camel-4.18.x 
(commit 578eb2a0a089c94f507853a737d7c46365f0272e) and camel-4.14.x (commit 
48880af9d401e8c03473a14bd652ce012b66157b). The fix renames the 39 producer-read 
camel-salesforce Exchange header const [...]
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmovx0oACgkQ406fOAL/
-QQC2Dwf/ZfZYUGecOxRHjtR+mkmlXgZ2XNpIcrCNP42dH1blwuSIEiktZi0gEuMW
-MYhnIH+82vjcYJdLjT69xFdzChEFh/fHs8NZTK4DqcKo/4XboNUfEQEDdZ6Bcttm
-dciFNFcrSDif7BknJakPqvRhaQ9SvDXWXVEn0TkK8DTyJIc6YwnckvyoXuTFIpH1
-uTYtwluPXWkEZi2Vkl52F5l0SW+9pDotVoOavJpZ1cWJMKVoDm7nDRsr4h93klEs
-V75W8gTOu+X025G0siFLn4JfeL9Fk8HPA3zfvUTgVbm6Cz9MZM4to5KmASOYoJ7c
-10tGQiqkfj30qllgbynZZlqNnrW+8g==
-=qJFH
+iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmoyo1kACgkQ406fOAL/
+QQBwuQf+NP58OBGxNEEEFWKGp/U1g07SL9v739nLjmdc8uMTNce15orvFm5AMvTe
+3VunewnPF1BbPb+Xp8ZiRb+QfIuCvLTkB/jlUMUzRTWunvhBC0Voj3DVX6aDe/VX
+TJGpqvhGKFajzrFMzXm2IsS+NOBCiSzqksnW3A/x56IeGHIct33wiF7k9ATjqDIL
+xtC3XUsU0dWkq4hWVrsGgZb6HXZ0G2wW3dKQ3MjGTKqIbwbW0BZspjYj2gTxC0lm
+RmQKJC37LRMAg9aJo++SPhCwMJKURTzYOQh23rZMfDM5GTCO5FbyqWtit0tZko4z
+YT46Z2lR+dpsSIXX4hzfDPE5IP2lZQ==
+=4nvg
 -----END PGP SIGNATURE-----
diff --git a/content/security/CVE-2026-49365.md 
b/content/security/CVE-2026-49365.md
index 7ba889c8..664f1673 100644
--- a/content/security/CVE-2026-49365.md
+++ b/content/security/CVE-2026-49365.md
@@ -6,7 +6,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-49365
 severity: MEDIUM
-summary: "Apache Camel: Camel-Netty-HTTP and Camel-Undertow: The muteException 
consumer option defaulted to false, so a processing error returned the full 
Java stack trace in the HTTP response body, disclosing sensitive internal 
information to unauthenticated clients"
+summary: "Camel-Netty-HTTP and Camel-Undertow: The muteException consumer 
option defaulted to false, so a processing error returned the full Java stack 
trace in the HTTP response body, disclosing sensitive internal information to 
unauthenticated clients"
 description: "The camel-netty-http and camel-undertow HTTP server consumers 
expose a muteException option that controls what is returned to the client when 
a route processing error occurs. In both components this option defaulted to 
false - in camel-netty-http because the backing field was an uninitialised 
primitive boolean (Java's default of false), and in camel-undertow likewise - 
whereas the other Camel HTTP server components (camel-http / camel-jetty / 
camel-servlet and camel-platfor [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. For deployments that cannot 
upgrade immediately, set muteException=true explicitly on the camel-netty-http 
and camel-undertow consumers (for example 
netty-http:http://0.0.0.0:8080/api?muteException=true, or globally via  [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
diff --git a/content/security/CVE-2026-49365.txt.asc 
b/content/security/CVE-2026-49365.txt.asc
index 871599de..e01c1331 100644
--- a/content/security/CVE-2026-49365.txt.asc
+++ b/content/security/CVE-2026-49365.txt.asc
@@ -9,7 +9,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-49365
 severity: MEDIUM
-summary: "Apache Camel: Camel-Netty-HTTP and Camel-Undertow: The muteException 
consumer option defaulted to false, so a processing error returned the full 
Java stack trace in the HTTP response body, disclosing sensitive internal 
information to unauthenticated clients"
+summary: "Camel-Netty-HTTP and Camel-Undertow: The muteException consumer 
option defaulted to false, so a processing error returned the full Java stack 
trace in the HTTP response body, disclosing sensitive internal information to 
unauthenticated clients"
 description: "The camel-netty-http and camel-undertow HTTP server consumers 
expose a muteException option that controls what is returned to the client when 
a route processing error occurs. In both components this option defaulted to 
false - in camel-netty-http because the backing field was an uninitialised 
primitive boolean (Java's default of false), and in camel-undertow likewise - 
whereas the other Camel HTTP server components (camel-http / camel-jetty / 
camel-servlet and camel-platfor [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. For deployments that cannot 
upgrade immediately, set muteException=true explicitly on the camel-netty-http 
and camel-undertow consumers (for example 
netty-http:http://0.0.0.0:8080/api?muteException=true, or globally via  [...]
 credit: "This issue was discovered by Yu Bao from PayPal"
@@ -20,12 +20,12 @@ fixed: 4.14.8, 4.18.3 and 4.21.0
 The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23651 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23913 (commit 
6cea553aa42ed1326ac57ad800d66674bc453932) and backported to camel-4.18.x 
(commit 1bd7389bd244da719404cf66d5b3676d41498bec) and camel-4.14.x (commit 
d3a13956ad2fd7280ad3ab678d79caf3bd0b4661). The fix aligns the muteException 
consumer-option default in camel-netty-htt [...]
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmovx0oACgkQ406fOAL/
-QQAmrAgAlj+tDSZ4/gtiIW41O31rLAvgMJ0U0hVefE354YUob/ca1mNkk35EEsAk
-KdhXYXNTmN0ux4TIA5KvTCfGR4kp0jCBjShM4xOKZKNrSXWFoHoiUk/jn1CkYP8n
-+JpIlc+33wqzCyWAkvgpJdfQdcaEeYoMP7WecWeX3hdF+QhvOr8veZXaDw2aMqug
-uDRoUiWuzHHQjPts/nU2YnDGg2wGutXS+NakFbxbiKD21mM0nXRBeipJ21lq5eZ8
-vb1s8jU0BFSlJPKjKTypQKZFVrssTnUmehbXwRh2192i7TxaxnlUVD7qvDjhxOL8
-ex6SFZqtL6S8hS/w/5q5CHL2Oo16TQ==
-=9yZh
+iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmoyo1oACgkQ406fOAL/
+QQBrwQgAi6I2aggOCjyAMMi0SNscu+VFqJI/MdIiFJnW+A2KVh4GGeui2jrMcg2t
+71OlDX+fQkmMBVhZQX4RfB4yfqBcXXSKWxdvfiTWuFU8uLGFZ31TSmYo51nnj37E
+xDsNoa7DQ4ZJjpxud0AqV80+Mpb/vkxr1MxcM9Qloj8HHR80gWR9c/WmNayfIvlv
+cCX41FsrSFOJpvfwA1bibq6AongRAI6yrtgBzTpd/SUqM3gGe2CVKE6nXi1ZQ2WN
+y4JL+OoHYvPMQV+YsrCPGkyQRDOkVwzRW9ii7scOa1jUUnHQVqgBWFn8KFrIRoaZ
+jM5883ZFwq0eDs3yXPfaqF0cHiEOSA==
+=vOpR
 -----END PGP SIGNATURE-----
diff --git a/content/security/CVE-2026-53913.md 
b/content/security/CVE-2026-53913.md
index d5c81934..85aefed7 100644
--- a/content/security/CVE-2026-53913.md
+++ b/content/security/CVE-2026-53913.md
@@ -6,7 +6,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-53913
 severity: HIGH
-summary: "Apache Camel: Camel-Keycloak: KeycloakSecurityPolicy verifies the 
bearer access token only inside its role and permission checks, so in the 
default configuration (no required roles or permissions) the token is never 
verified and any non-null bearer value is accepted - a fail-open authentication 
bypass"
+summary: "Camel-Keycloak: KeycloakSecurityPolicy verifies the bearer access 
token only inside its role and permission checks, so in the default 
configuration (no required roles or permissions) the token is never verified 
and any non-null bearer value is accepted - a fail-open authentication bypass"
 description: "The KeycloakSecurityPolicy of camel-keycloak guards a route by 
running KeycloakSecurityProcessor.beforeProcess(), which performs three checks 
in sequence: it rejects a request that carries no access token, then - only if 
requiredRoles is non-empty - validates the roles, and - only if 
requiredPermissions is non-empty - validates the permissions. The actual 
cryptographic verification of the bearer access token (signature, issuer and 
expiry for a local JWT, or active-state and [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.18.x releases stream, then they are suggested 
to upgrade to 4.18.3. For deployments that cannot upgrade immediately, 
configure a non-empty requiredRoles or requiredPermissions on every 
KeycloakSecurityPolicy so that the token-verification path is exercised, set 
allowTokenFromHeader to false where the token is not expected from the request 
header, or perform token verification at  [...]
 credit: "This issue was discovered by Lidor Ben Shitrit from Novee Security"
diff --git a/content/security/CVE-2026-53913.txt.asc 
b/content/security/CVE-2026-53913.txt.asc
index 51bb8aa3..c04e5d9b 100644
--- a/content/security/CVE-2026-53913.txt.asc
+++ b/content/security/CVE-2026-53913.txt.asc
@@ -9,7 +9,7 @@ draft: false
 type: security-advisory
 cve: CVE-2026-53913
 severity: HIGH
-summary: "Apache Camel: Camel-Keycloak: KeycloakSecurityPolicy verifies the 
bearer access token only inside its role and permission checks, so in the 
default configuration (no required roles or permissions) the token is never 
verified and any non-null bearer value is accepted - a fail-open authentication 
bypass"
+summary: "Camel-Keycloak: KeycloakSecurityPolicy verifies the bearer access 
token only inside its role and permission checks, so in the default 
configuration (no required roles or permissions) the token is never verified 
and any non-null bearer value is accepted - a fail-open authentication bypass"
 description: "The KeycloakSecurityPolicy of camel-keycloak guards a route by 
running KeycloakSecurityProcessor.beforeProcess(), which performs three checks 
in sequence: it rejects a request that carries no access token, then - only if 
requiredRoles is non-empty - validates the roles, and - only if 
requiredPermissions is non-empty - validates the permissions. The actual 
cryptographic verification of the bearer access token (signature, issuer and 
expiry for a local JWT, or active-state and [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.18.x releases stream, then they are suggested 
to upgrade to 4.18.3. For deployments that cannot upgrade immediately, 
configure a non-empty requiredRoles or requiredPermissions on every 
KeycloakSecurityPolicy so that the token-verification path is exercised, set 
allowTokenFromHeader to false where the token is not expected from the request 
header, or perform token verification at  [...]
 credit: "This issue was discovered by Lidor Ben Shitrit from Novee Security"
@@ -20,12 +20,12 @@ fixed: 4.18.3 and 4.21.0
 The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23738 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23958 (commit 
1477cb4e87b2c301f1cdcddca5b153fbbef6934b) and backported to camel-4.18.x 
(commit b62170072348cc4073ddf705ad716aa3678d6c09). The fix makes 
KeycloakSecurityProcessor.beforeProcess() always authenticate the access token 
when one is present, independently of whether rol [...]
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmovx0oACgkQ406fOAL/
-QQB2pAf+JGsU4P7qMm29/EJMFDv1myuKYrK8V7Ft0ShxmcO4lxSlGpaY2Ht4vqS6
-cfYK3twDSp3PyDbyPmfV0vjYT5tuYKKLZAL4S3GX1MmMhEtnCMkiGZ/EyU7ZaaJ/
-+Kzkmsh1zS69XikwGIaVRwd3bY0H/IjfHO2XVoAcXikJ0LX4x3g/7CjwQNVfLMHV
-2X7MyDeSwlmvuo8p9LyNG+aIUk/QX8ncezbshRrRgbCoF/q2Y75wthPjrSTIIUok
-KS4WNhqT5l3mVc7TbNJQn3TZ+aY0/40ydpDabBTiEuYcyIhsTP6Qpuop0fCIK+bf
-p5r0V24ABl97PaKVRwROdH4AKYJokA==
-=uDCR
+iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmoyo1oACgkQ406fOAL/
+QQCuPQf/SoUiMZd6aC4u32cTeMeinJxY3eoI3ILCwJiUJkH30DhOtnZTKeJQ9ZWR
+qM4LjkhaS+BhmIXULPsimSPq4lODKkLTj1ZkQb0b+aqtf9MzYKK9vSz5g508yAnh
+Etg14qnR4UF8KAVmvBJzMHm3UQ+GCOevc7l29t6RnXgF9VLySVVkVHPR5CiVoUMT
+eQK7eHg8UZetxBTf2KWW+QPHOzWXwGIyCzWPNv42PFHrxsBXkQ0kOZl+23KrafXl
+KmvgoZGkO5k7gpi24TZU0LmGu1n2FDInR8cwoITPMk5InWLCwdWw+mcrup1SUnT6
+NpNuTlnkm8XbdbKhs6IPUkCOlyEoNg==
+=bQeG
 -----END PGP SIGNATURE-----

Reply via email to