CVE-2026-50633 | Apache CXF up to 4.1.6/4.2.1 JNDI DispatchMDBMessageListenerImpl injection

Inserito da Angelo Barbosa | Giu 11, 2026 | CVE

A vulnerability has been found in Apache CXF up to 4.1.6/4.2.1 and classified as critical. This affects the function DispatchMDBMessageListenerImpl of the component JNDI Handler. This manipulation causes injection.

This vulnerability is handled as CVE-2026-50633. The attack can be initiated remotely. There is not any exploit available.

The affected component should be upgraded.

CVE-2026-50633 | Apache CXF up to 4.1.6/4.2.1 JNDI DispatchMDBMessageListenerImpl injection

Post correlati

CVE-2023-43000 | Apple macOS/iOS and iPadOS/Safari Web Content use after free

CVE-2025-12098 | Academy LMS Plugin up to 3.3.8 on WordPress Social Login enqueue_social_login_script information disclosure

CVE-2024-38295 | ALCASAR up to 3.6.0 still_connected.php Privilege Escalation

CVE-2025-62868 | Edge-Themes Edge CPT Plugin up to 1.4 on WordPress filename control