CVE-2026-50631 | Apache CXF up to 4.1.6/4.2.1 OAuth2 toctou

Inserito da Angelo Barbosa | Giu 11, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in Apache CXF up to 4.1.6/4.2.1. Affected by this vulnerability is an unknown functionality of the component OAuth2. The manipulation leads to time-of-check time-of-use.

This vulnerability is traded as CVE-2026-50631. It is possible to initiate the attack remotely. There is no exploit available.

It is advisable to upgrade the affected component.

CVE-2026-50631 | Apache CXF up to 4.1.6/4.2.1 OAuth2 toctou

Post correlati

CVE-2025-27100 | treeverse lakeFS up to 1.49.x Environment Variable LAKEFS_BLOCKSTORE_S3_DISABLE_PRE_SIGNED_MULTIPART resource consumption (GHSA-j7jw-28jm-whr6)

CVE-2025-33240 | NVIDIA Megatron-Bridge code injection

CVE-2019-25219 | Asio C++ Library up to 1.12.x Fallback Privilege Escalation

CVE-2025-49797 | Brother Industries/Toshiba Tec Driver Installer on Windows file access