A vulnerability was found in Apache Camel up to 4.14.8/4.18.2/4.20.x and classified as critical. This affects an unknown part of the component Camel-Atmosphere-Websocket. The manipulation results in server-side request forgery.

This vulnerability is reported as CVE-2026-55993. The attack can be launched remotely. No exploit exists.

It is suggested to upgrade the affected component.