Red Hat JBoss EAP 8.1 for RHEL 9

Source - ADP
CNA CVEs - 0
ADP CVEs - 13
CISA CVEs - 0
NVD CVEs - 0
13 vulnerabilities found

CVE-2026-3505
Assigner - 91579145-5d7b-4cc5-b925-a0262ff19630
CVSS Score - 8.7 (HIGH)
EPSS - 0.76% / 50.67% (7-day change: +0.35%)
Published - 15 Apr, 2026 | 09:06
Updated - 30 Jun, 2026 | 12:09
Rejected - Not Available
Known To Be Used In Ransomware Campaigns? - Not Available
KEV Added - Not Available
KEV Action Due Date - Not Available

Unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion.

Allocation of resources without limits or throttling, Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all (pg modules). This vulnerability is associated with program files AEADEncDataPacket.Java, BcAEADUtil.Java, JceAEADUtil.Java, OperatorHelper.Java. This issue affects BC-JAVA: from 1.74 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.

Action - Not Available
Vendor - Legion of the Bouncy Castle Inc.; Red Hat, Inc.
Product - BC-JAVA; Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14; Red Hat Data Grid 8; Red Hat JBoss Enterprise Application Platform 7; Red Hat Enterprise Linux 9; Red Hat Fuse 7; streams for Apache Kafka 2; Red Hat Build of Apache Camel 4.14 for Quarkus 3.27; Red Hat JBoss EAP 8.1 for RHEL 9; Red Hat JBoss Enterprise Application Platform 8.1; Red Hat AMQ Clients; streams for Apache Kafka 3; Red Hat Single Sign-On 7; Red Hat build of Apache Camel 4 for Quarkus 3; Red Hat JBoss EAP 8.1 for RHEL 8; Red Hat Process Automation 7; Red Hat Satellite 6; OpenShift Developer Tools and Services; Red Hat JBoss Enterprise Application Platform Expansion Pack
CWE ID - CWE-400: Uncontrolled Resource Consumption
CWE ID - CWE-770: Allocation of Resources Without Limits or Throttling
CVE-2026-5588
Assigner - 91579145-5d7b-4cc5-b925-a0262ff19630
CVSS Score - 6.3 (MEDIUM)
EPSS - 0.39% / 31.12% (7-day change: +0.13%)
Published - 15 Apr, 2026 | 09:06
Updated - 30 Jun, 2026 | 12:11
Rejected - Not Available
Known To Be Used In Ransomware Campaigns? - Not Available
KEV Added - Not Available
KEV Action Due Date - Not Available

PKIX draft CompositeVerifier accepts empty signature sequence as valid.

Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all (pkix modules), Legion of the Bouncy Castle Inc. BCPKIX-FIPS bcpkix on All (pkix modules), Legion of the Bouncy Castle Inc. BCPIX-LTS bcpkix on All (pkix modules). This vulnerability is associated with program files JcaContentVerifierProviderBuilder.Java, JcaContentVerfierProviderBuilder.Java. This issue affects BC-JAVA: from 1.67 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84; BCPKIX-FIPS: from 2.0.6 before 2.0.11, from 2.1.7 before 2.1.11; BCPIX-LTS: from 2.73.7 before 2.73.11.

Action - Not Available
Vendor - Legion of the Bouncy Castle Inc.; Red Hat, Inc.
Product - BC-JAVA; BCPIX-LTS; BCPKIX-FIPS; Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14; Red Hat OpenShift AI (RHOAI); Red Hat AMQ Broker 7; Red Hat Data Grid 8; Red Hat AMQ Broker 7.13.5; Red Hat JBoss Enterprise Application Platform 7; Red Hat build of Debezium 3; Red Hat AMQ Broker 7.12.7; Red Hat Enterprise Linux 9; Red Hat Fuse 7; Cryostat 4; streams for Apache Kafka 2; Red Hat build of Quarkus 3.27.3.SP1; Red Hat Build of Apache Camel 4.14 for Quarkus 3.27; Red Hat JBoss EAP 8.1 for RHEL 9; Red Hat JBoss Enterprise Application Platform 8.1; Red Hat build of Quarkus 3.20.6.SP1; Red Hat build of Apicurio Registry 3; Red Hat Single Sign-On 7; Red Hat build of Apache Camel 4 for Quarkus 3; streams for Apache Kafka 3; Red Hat JBoss EAP 8.1 for RHEL 8; Red Hat Process Automation 7; Red Hat Satellite 6; Red Hat Enterprise Linux 8; Red Hat OpenShift Dev Spaces 3.28; OpenShift Developer Tools and Services; Red Hat JBoss Enterprise Application Platform Expansion Pack
CWE ID - CWE-327: Use of a Broken or Risky Cryptographic Algorithm
CWE ID - CWE-347: Improper Verification of Cryptographic Signature
CVE-2026-5598
Assigner - 91579145-5d7b-4cc5-b925-a0262ff19630
CVSS Score - 8.9 (HIGH)
EPSS - 0.69% / 48.28% (7-day change: +0.18%)
Published - 15 Apr, 2026 | 09:05
Updated - 30 Jun, 2026 | 12:11
Rejected - Not Available
Known To Be Used In Ransomware Campaigns? - Not Available
KEV Added - Not Available
KEV Action Due Date - Not Available

Non-constant time comparisons risk private key leakage in FrodoKEM.

Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules). This vulnerability is associated with program files FrodoEngine.Java. This issue affects BC-JAVA: from 1.71 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.

Action - Not Available
Vendor - Legion of the Bouncy Castle Inc.; Red Hat, Inc.
Product - BC-JAVA; Red Hat OpenShift AI (RHOAI); Red Hat build of Quarkus; Red Hat AMQ Broker 7; Red Hat Data Grid 8; Red Hat JBoss Enterprise Application Platform 7; Red Hat build of Debezium 3; Red Hat Enterprise Linux 9; Red Hat build of Apache Camel for Spring Boot 4; Red Hat Fuse 7; Cryostat 4; Red Hat build of Debezium 2; streams for Apache Kafka 2; Red Hat JBoss EAP 8.1 for RHEL 9; Red Hat JBoss EAP 7.4 ELS for RHEL 8; Red Hat JBoss Enterprise Application Platform 8.1; Red Hat AMQ Clients; Red Hat JBoss EAP 7.4 ELS for RHEL 7 Server; Red Hat build of Apicurio Registry 3; Red Hat Single Sign-On 7; Red Hat build of Apache Camel 4 for Quarkus 3; streams for Apache Kafka 3; Red Hat Build of Keycloak; Red Hat JBoss EAP 8.1 for RHEL 8; Red Hat OpenShift Dev Spaces; Red Hat Process Automation 7; Red Hat Satellite 6; Red Hat JBoss EAP 7.4 ELS for RHEL 9; Red Hat Enterprise Linux 8; Red Hat JBoss Enterprise Application Platform 8; OpenShift Developer Tools and Services; Red Hat JBoss Enterprise Application Platform Expansion Pack
CWE ID - CWE-385: Covert Timing Channel
CVE-2026-0636
Assigner - 91579145-5d7b-4cc5-b925-a0262ff19630
CVSS Score - 5.5 (MEDIUM)
EPSS - 0.53% / 40.72% (7-day change: +0.03%)
Published - 15 Apr, 2026 | 08:59
Updated - 30 Jun, 2026 | 12:07
Rejected - Not Available
Known To Be Used In Ransomware Campaigns? - Not Available
KEV Added - Not Available
KEV Action Due Date - Not Available

LDAP Injection Vulnerability in LDAPStoreHelper.java

Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (prov modules). This vulnerability is associated with program files LDAPStoreHelper. This issue affects BC-JAVA: from 1.74 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.

Action - Not Available
Vendor - Legion of the Bouncy Castle Inc.; Red Hat, Inc.
Product - BC-JAVA; Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14; Red Hat OpenShift AI (RHOAI); Red Hat AMQ Broker 7; Red Hat Data Grid 8; Red Hat AMQ Broker 7.13.5; Red Hat JBoss Enterprise Application Platform 7; Red Hat build of Debezium 3; Red Hat AMQ Broker 7.12.7; Red Hat Enterprise Linux 9; Red Hat Fuse 7; Cryostat 4; streams for Apache Kafka 2; Red Hat build of Quarkus 3.27.3.SP1; Red Hat Build of Apache Camel 4.14 for Quarkus 3.27; Red Hat JBoss EAP 8.1 for RHEL 9; Red Hat JBoss Enterprise Application Platform 8.1; Red Hat build of Quarkus 3.20.6.SP1; Red Hat AMQ Clients; Red Hat build of Apicurio Registry 3; Red Hat Single Sign-On 7; Red Hat build of Apache Camel 4 for Quarkus 3; streams for Apache Kafka 3; Red Hat JBoss EAP 8.1 for RHEL 8; Red Hat Process Automation 7; Red Hat Satellite 6; Red Hat Enterprise Linux 8; Red Hat OpenShift Dev Spaces 3.28; OpenShift Developer Tools and Services; Red Hat JBoss Enterprise Application Platform Expansion Pack
CWE ID - CWE-90: Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')
CVE-2025-14813
Assigner - 91579145-5d7b-4cc5-b925-a0262ff19630
CVSS Score - 9.3 (CRITICAL)
EPSS - 0.31% / 23.12% (7-day change: +0.20%)
Published - 15 Apr, 2026 | 08:56
Updated - 30 Jun, 2026 | 12:07
Rejected - Not Available
Known To Be Used In Ransomware Campaigns? - Not Available
KEV Added - Not Available
KEV Action Due Date - Not Available

GOSTCTR implementation unable to process more than 255 blocks correctly

Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (core modules). This vulnerability is associated with program files G3413CTRBlockCipher. This issue affects BC-JAVA: from 1.59 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.

Action - Not Available
Vendor - Legion of the Bouncy Castle Inc.; Red Hat, Inc.
Product - BC-JAVA; Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14; Red Hat OpenShift AI (RHOAI); Red Hat AMQ Broker 7; Red Hat Data Grid 8; Red Hat AMQ Broker 7.13.5; Red Hat JBoss Enterprise Application Platform 7; Red Hat build of Debezium 3; Red Hat AMQ Broker 7.12.7; Red Hat Enterprise Linux 9; Red Hat Fuse 7; Cryostat 4; streams for Apache Kafka 2; Red Hat build of Quarkus 3.27.3.SP1; Red Hat Build of Apache Camel 4.14 for Quarkus 3.27; Red Hat JBoss EAP 8.1 for RHEL 9; Red Hat JBoss Enterprise Application Platform 8.1; Red Hat build of Quarkus 3.20.6.SP1; Red Hat AMQ Clients; Red Hat OpenShift AI 2.25; Red Hat build of Apicurio Registry 3; Red Hat Single Sign-On 7; Red Hat build of Apache Camel 4 for Quarkus 3; streams for Apache Kafka 3; Red Hat Build of Keycloak; Red Hat JBoss EAP 8.1 for RHEL 8; Red Hat Process Automation 7; Red Hat Satellite 6; Red Hat Enterprise Linux 8; Red Hat OpenShift Dev Spaces 3.28; OpenShift Developer Tools and Services; Red Hat JBoss Enterprise Application Platform Expansion Pack
CWE ID - CWE-327: Use of a Broken or Risky Cryptographic Algorithm
CVE-2026-33871
Assigner - GitHub, Inc.
CVSS Score - 8.7 (HIGH)
EPSS - 1.12% / 62.32% (7-day change: +0.47%)
Published - 27 Mar, 2026 | 19:55
Updated - 03 Jul, 2026 | 13:17
Rejected - Not Available
Known To Be Used In Ransomware Campaigns? - Not Available
KEV Added - Not Available
KEV Action Due Date - Not Available

Netty HTTP/2 CONTINUATION Frame Flood DoS via Zero-Byte Frame Bypass

Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, a remote user can trigger a Denial of Service (DoS) against a Netty HTTP/2 server by sending a flood of `CONTINUATION` frames. The server's lack of a limit on the number of `CONTINUATION` frames, combined with a bypass of existing size-based mitigations using zero-byte frames, allows a user to cause excessive CPU consumption with minimal bandwidth, rendering the server unresponsive. Versions 4.1.132.Final and 4.2.10.Final fix the issue.

Action - Not Available
Vendor - Red Hat, Inc.; The Netty Project
Product - netty; Cryostat 4 on RHEL 9; Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14; Red Hat build of Quarkus 3.27.3; Red Hat build of Apicurio Registry 2; Red Hat build of Debezium 2; Red Hat Build of Keycloak; Red Hat Process Automation 7; Red Hat JBoss EAP 8.1 for RHEL 9; Red Hat Build of Apache Camel 4.14 for Quarkus 3.27; streams for Apache Kafka 3; Streams for Apache Kafka 3.2.0; Red Hat build of Debezium 3; Red Hat JBoss Enterprise Application Platform 7; Red Hat Satellite 6; Red Hat Data Grid 8.6.1; Red Hat JBoss Enterprise Application Platform 8.1; Red Hat AMQ Broker 7.14.0; Red Hat JBoss Enterprise Application Platform 8; Red Hat build of Quarkus; Red Hat OpenShift AI (RHOAI); Red Hat JBoss EAP 8.1 for RHEL 8; Red Hat AMQ Clients; Red Hat Fuse 7; Red Hat AMQ Broker 7.12.7; Streams for Apache Kafka 2.9.4; Red Hat JBoss Enterprise Application Platform Expansion Pack; Red Hat build of Apicurio Registry 3; Logging Subsystem for Red Hat OpenShift; Red Hat Enterprise Linux AI (RHEL AI) 3; Red Hat build of Apache Camel - HawtIO 4; Red Hat OpenShift Dev Spaces 3.27; Cryostat 4; OpenShift Serverless; Red Hat build of Quarkus 3.20.6; Red Hat AMQ Broker 7.13.5; Red Hat build of Apache Camel 4 for Quarkus 3; Red Hat OpenShift AI 2.25; Red Hat Single Sign-On 7; Red Hat build of OptaPlanner 8
CWE ID - CWE-770: Allocation of Resources Without Limits or Throttling
CVE-2026-33870
Assigner - GitHub, Inc.
CVSS Score - 7.5 (HIGH)
EPSS - 0.64% / 46.21% (7-day change: +0.18%)
Published - 27 Mar, 2026 | 19:54
Updated - 03 Jul, 2026 | 13:17
Rejected - Not Available
Known To Be Used In Ransomware Campaigns? - Not Available
KEV Added - Not Available
KEV Action Due Date - Not Available

Netty: HTTP Request Smuggling via Chunked Extension Quoted-String Parsing

Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, Netty incorrectly parses quoted strings in HTTP/1.1 chunked transfer encoding extension values, enabling request smuggling attacks. Versions 4.1.132.Final and 4.2.10.Final fix the issue.

Action - Not Available
Vendor - Red Hat, Inc.; The Netty Project
Product - netty; Cryostat 4 on RHEL 9; Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14; Red Hat build of Quarkus 3.27.3; Red Hat build of Apicurio Registry 2; Red Hat Build of Keycloak; Red Hat Process Automation 7; Red Hat JBoss EAP 8.1 for RHEL 9; Red Hat Build of Apache Camel 4.14 for Quarkus 3.27; streams for Apache Kafka 3; Streams for Apache Kafka 3.2.0; Red Hat build of Debezium 3; Red Hat JBoss Enterprise Application Platform 7; Red Hat Satellite 6; Red Hat Data Grid 8.6.1; Red Hat JBoss Enterprise Application Platform 8.1; Red Hat AMQ Broker 7.14.0; Red Hat OpenShift AI (RHOAI); Red Hat JBoss EAP 8.1 for RHEL 8; Red Hat AMQ Clients; Red Hat Fuse 7; Red Hat AMQ Broker 7.12.7; Streams for Apache Kafka 2.9.4; Red Hat JBoss Enterprise Application Platform Expansion Pack; Red Hat build of Apicurio Registry 3; Logging Subsystem for Red Hat OpenShift; Red Hat Enterprise Linux AI (RHEL AI) 3; Red Hat build of Apache Camel - HawtIO 4; Red Hat OpenShift Dev Spaces 3.27; OpenShift Serverless; Red Hat build of Quarkus 3.20.6; Red Hat AMQ Broker 7.13.5; Red Hat build of Apache Camel 4 for Quarkus 3; Red Hat OpenShift AI 2.25; Red Hat Single Sign-On 7; Red Hat build of OptaPlanner 8
CWE ID - CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVE-2025-67030
Assigner - MITRE Corporation
CVSS Score - 8.8 (HIGH)
EPSS - 0.66% / 47.17% (7-day change: -0.00%)
Published - 25 Mar, 2026 | 00:00
Updated - 03 Jul, 2026 | 12:05
Rejected - Not Available
Known To Be Used In Ransomware Campaigns? - Not Available
KEV Added - Not Available
KEV Action Due Date - Not Available

Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code.

Action - Not Available
Vendor - codehaus-plexus; n/a; Red Hat, Inc.
Product - plexus-utils; n/a; OpenShift Developer Tools and Services; Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14; Red Hat build of Quarkus 3.27.3; Red Hat build of Apicurio Registry 2; Red Hat Process Automation 7; Red Hat JBoss Web Server 5; Red Hat JBoss EAP 8.1 for RHEL 9; Red Hat JBoss Web Server 6; streams for Apache Kafka 3; Red Hat build of Debezium 3; Red Hat JBoss Enterprise Application Platform 7; Red Hat JBoss Core Services; Red Hat Satellite 6; streams for Apache Kafka 2; Red Hat JBoss Enterprise Application Platform 8.1; Red Hat OpenShift AI (RHOAI); Red Hat Enterprise Linux 7; Red Hat JBoss EAP 8.1 for RHEL 8; Red Hat Enterprise Linux 6; Red Hat AMQ Clients; Red Hat Fuse 7; Red Hat Enterprise Linux 10; Red Hat build of Quarkus Native builder; Red Hat JBoss Enterprise Application Platform Expansion Pack; Red Hat build of Apicurio Registry 3; Red Hat Enterprise Linux 9; Red Hat Data Grid 8; Red Hat Enterprise Linux 8; OpenShift Serverless; Cryostat 4; Red Hat build of Quarkus 3.20.6; Red Hat Single Sign-On 7; Red Hat AMQ Broker 7
CWE ID - CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2026-1605
Assigner - Eclipse Foundation
CVSS Score - 7.5 (HIGH)
EPSS - 0.62% / 45.55% (7-day change: +0.26%)
Published - 05 Mar, 2026 | 09:39
Updated - 30 Jun, 2026 | 12:07
Rejected - Not Available
Known To Be Used In Ransomware Campaigns? - Not Available
KEV Added - Not Available
KEV Action Due Date - Not Available

In Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, class GzipHandler exposes a vulnerability when a compressed HTTP request, with Content-Encoding: gzip, is processed and the corresponding response is not compressed. This happens because the JDK Inflater is allocated for decompressing the request, but it is not released because the release mechanism is tied to the compressed response. In this case, since the response is not compressed, the release mechanism does not trigger, causing the leak.

Action - Not Available
Vendor - Eclipse Foundation AISBL; Red Hat, Inc.
Product - jetty; Eclipse Jetty; Red Hat AMQ Broker 7.14.0; Red Hat build of Apicurio Registry 2; Red Hat Data Grid 8; Red Hat JBoss Enterprise Application Platform 7; Red Hat build of Debezium 3; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 9; Red Hat build of Apache Camel for Spring Boot 4; Red Hat Fuse 7; Red Hat build of Debezium 2; streams for Apache Kafka 2; HawtIO HawtIO 4.4.0; Red Hat JBoss EAP 8.1 for RHEL 9; Red Hat JBoss Enterprise Application Platform 8.1; Red Hat Offline Knowledge Portal; Red Hat build of Apicurio Registry 3; Red Hat Single Sign-On 7; streams for Apache Kafka 3; Red Hat JBoss EAP 8.1 for RHEL 8; Red Hat JBoss Web Server 6; Red Hat Process Automation 7; Red Hat Satellite 6; Red Hat Enterprise Linux 8; Red Hat OpenShift Dev Spaces 3.28; OpenShift Developer Tools and Services; Red Hat JBoss Enterprise Application Platform Expansion Pack
CWE ID - CWE-400: Uncontrolled Resource Consumption
CWE ID - CWE-401: Missing Release of Memory after Effective Lifetime
CWE ID - CWE-772: Missing Release of Resource after Effective Lifetime
CVE-2026-27446
Assigner - Apache Software Foundation
CVSS Score - 9.3 (CRITICAL)
EPSS - 10.63% / 95.25% (7-day change: +2.29%)
Published - 04 Mar, 2026 | 08:48
Updated - 30 Jun, 2026 | 12:08
Rejected - Not Available
Known To Be Used In Ransomware Campaigns? - Not Available
KEV Added - Not Available
KEV Action Due Date - Not Available

Apache Artemis, Apache ActiveMQ Artemis: Auth bypass for Core downstream federation

Missing Authentication for Critical Function (CWE-306) vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This could potentially result in message injection into any queue and/or message exfiltration from any queue via the rogue broker.

This impacts environments that allow both:
- incoming Core protocol connections from untrusted sources to the broker
- outgoing Core protocol connections from the broker to untrusted targets

This issue affects:
- Apache Artemis from 2.50.0 through 2.51.0
- Apache ActiveMQ Artemis from 2.11.0 through 2.44.0

Users are recommended to upgrade to Apache Artemis version 2.52.0, which fixes the issue. The issue can be mitigated by one of the following:
- Remove Core protocol support from any acceptor receiving connections from untrusted sources. Incoming Core protocol connections are supported by default via the "artemis" acceptor listening on port 61616. See the "protocols" URL parameter configured for the acceptor. An acceptor URL without this parameter supports all protocols by default, including Core.
- Use two-way SSL (i.e. certificate-based authentication) in order to force every client to present the proper SSL certificate when establishing a connection before any message protocol handshake is attempted. This will prevent unauthenticated exploitation of this vulnerability.
- Implement and deploy a Core interceptor to deny all Core downstream federation connect packets. Such packets have a type of (int) -16 or (byte) 0xfffffff0. Documentation for interceptors is available at https://artemis.apache.org/components/artemis/documentation/latest/intercepting-operations.html.

Action - Not Available
Vendor - The Apache Software Foundation; Red Hat, Inc.; Siemens AG
Product - artemis; Apache Artemis; Apache ActiveMQ Artemis; Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14; Red Hat JBoss Enterprise Application Platform 7; Red Hat AMQ Broker 7.12.6; Opcenter RDnL; Red Hat Fuse 7; Red Hat build of OptaPlanner 8; Red Hat JBoss EAP 8.1 for RHEL 9; Red Hat JBoss Enterprise Application Platform 8.1; Red Hat AMQ Clients; Red Hat Single Sign-On 7; Red Hat JBoss EAP 8.1 for RHEL 8; Red Hat OpenShift Dev Spaces; Red Hat Process Automation 7; Red Hat Satellite 6; Red Hat AMQ Broker 7.13.4; Red Hat JBoss Enterprise Application Platform Expansion Pack
CWE ID - CWE-306: Missing Authentication for Critical Function
CVE-2026-27830
Assigner - GitHub, Inc.
CVSS Score - 8.9 (HIGH)
EPSS - 0.53% / 41.13% (7-day change: +0.23%)
Published - 26 Feb, 2026 | 00:45
Updated - 30 Jun, 2026 | 12:08
Rejected - Not Available
Known To Be Used In Ransomware Campaigns? - Not Available
KEV Added - Not Available
KEV Action Due Date - Not Available

c3p0 vulnerable to Remote Code Execution via unsafe deserialization of userOverridesAsString property

c3p0, a JDBC Connection pooling library, is vulnerable to attack via maliciously crafted Java-serialized objects and `javax.naming.Reference` instances. Several c3p0 `ConnectionPoolDataSource` implementations have a property called `userOverridesAsString` which conceptually represents a `Map<String,Map<String,String>>`. Prior to v0.12.0, that property was maintained as a hex-encoded serialized object. Any attacker able to reset this property, on an existing `ConnectionPoolDataSource` or via maliciously crafted serialized objects or `javax.naming.Reference` instances, could tailor it to execute unexpected code on the application's `CLASSPATH`. The danger of this vulnerability was strongly magnified by vulnerabilities in c3p0's main dependency, mchange-commons-java. This library includes code that mirrors early implementations of JNDI functionality, including ungated support for remote `factoryClassLocation` values. Attackers could set c3p0's `userOverridesAsString` to hex-encoded serialized objects that include objects "indirectly serialized" via JNDI references. Deserialization of those objects and dereferencing of the embedded `javax.naming.Reference` objects could provoke download and execution of malicious code from a remote `factoryClassLocation`. Although the hazard presented by c3p0's vulnerabilities is exacerbated by vulnerabilities in mchange-commons-java, use of Java-serialized-object hex as the format for a writable Java-Bean property, on objects that may be exposed across JNDI interfaces, represents a serious independent fragility. The `userOverridesAsString` property of c3p0 `ConnectionPoolDataSource` classes has been reimplemented to use a safe CSV-based format, rather than rely upon potentially dangerous Java object deserialization. c3p0 0.12.0 and above depend upon mchange-commons-java 0.4.0+, which gates support for remote `factoryClassLocation` values by configuration parameters that default to restrictive values. c3p0 additionally enforces the new mchange-commons-java `com.mchange.v2.naming.nameGuardClassName` to prevent injection of unexpected, potentially remote JNDI names. There is no supported workaround for versions of c3p0 prior to 0.12.0.

Action - Not Available
Vendor - swaldman; Red Hat, Inc.
Product - c3p0; Red Hat build of Apache Camel - HawtIO 4; Red Hat JBoss Enterprise Application Platform 7; Red Hat build of Debezium 3; Red Hat Fuse 7; Red Hat build of Debezium 2; streams for Apache Kafka 2; Red Hat JBoss EAP 8.1 for RHEL 9; Red Hat JBoss Enterprise Application Platform 8.1; Red Hat build of Apache Camel 4.14.4 for Spring Boot 3.5.11; Red Hat Build of Debezium 3.2; streams for Apache Kafka 3; Red Hat JBoss EAP 8.1 for RHEL 8; Red Hat Process Automation 7; Red Hat Satellite 6; Red Hat Satellite 6.18 for RHEL 9; Red Hat JBoss Enterprise Application Platform 8; Red Hat JBoss Enterprise Application Platform Expansion Pack
CWE ID - CWE-502: Deserialization of Untrusted Data
CWE ID - CWE-94: Improper Control of Generation of Code ('Code Injection')
CVE-2026-27727
Assigner - GitHub, Inc.
CVSS Score - 8.9 (HIGH)
EPSS - 0.81% / 52.48% (7-day change: +0.24%)
Published - 25 Feb, 2026 | 16:01
Updated - 02 Jul, 2026 | 12:04
Rejected - Not Available
Known To Be Used In Ransomware Campaigns? - Not Available
KEV Added - Not Available
KEV Action Due Date - Not Available

mchange-commons-java: Remote Code Execution via JNDI Reference Resolution

mchange-commons-java, a library that provides Java utilities, includes code that mirrors early implementations of JNDI functionality, including support for remote `factoryClassLocation` values, by which code can be downloaded and invoked within a running application. If an attacker can provoke an application to read a maliciously crafted `javax.naming.Reference` or serialized object, they can provoke the download and execution of malicious code. Implementations of this functionality within the JDK were disabled by default behind a System property that defaults to `false`, `com.sun.jndi.ldap.object.trustURLCodebase`. However, since mchange-commons-java includes an independent implementation of JNDI dereferencing, libraries (such as c3p0) that resolve references via that implementation could be provoked to download and execute malicious code even after the JDK was hardened. Mirroring the JDK patch, mchange-commons-java's JNDI functionality is gated by configuration parameters that default to restrictive values starting in version 0.4.0. No known workarounds are available. Versions prior to 0.4.0 should be avoided on application CLASSPATHs.

Action - Not Available
Vendor - mchange; swaldman; Red Hat, Inc.
Product - mchange_commons_java; mchange-commons-java; Red Hat JBoss EAP 8.1 for RHEL 8; Red Hat Satellite 6.19 for RHEL 9; Red Hat Process Automation 7; Red Hat build of Debezium 2; Red Hat Fuse 7; Red Hat Satellite 6.16 for RHEL 9; Red Hat Satellite 6.16 for RHEL 8; Red Hat JBoss EAP 8.1 for RHEL 9; Red Hat JBoss Enterprise Application Platform Expansion Pack; streams for Apache Kafka 3; Red Hat build of Apache Camel - HawtIO 4; Red Hat Satellite 6.17 for RHEL 9; Red Hat JBoss Enterprise Application Platform 7; Red Hat Satellite 6; Red Hat build of Apache Camel 4.14.4 for Spring Boot 3.5.11; streams for Apache Kafka 2; Red Hat Build of Debezium 3.2; Red Hat JBoss Enterprise Application Platform 8.1
CWE ID - CWE-502: Deserialization of Untrusted Data
CWE ID - CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2025-12543
Assigner - Red Hat, Inc.
CVSS Score - 9.6 (CRITICAL)
EPSS - 1.18% / 63.86% (7-day change: ~0.00%)
Published - 07 Jan, 2026 | 16:04
Updated - 30 Jun, 2026 | 05:17
Rejected - Not Available
Known To Be Used In Ransomware Campaigns? - Not Available
KEV Added - Not Available
KEV Action Due Date - Not Available

Undertow-core: undertow http server fails to reject malformed host headers leading to potential cache poisoning and ssrf

A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests. As a result, requests containing malformed or malicious Host headers are processed without rejection, enabling attackers to poison caches, perform internal network scans, or hijack user sessions.

Action - Not Available
Vendor - Red Hat, Inc.
Product - data_grid; build_of_apache_camel; single_sign-on; jboss_enterprise_application_platform; fuse; jboss_enterprise_application_platform_expansion_pack; undertow; process_automation; Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9; Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9; Red Hat build of Apache Camel - HawtIO 4; Red Hat Data Grid 8; Red Hat JBoss Enterprise Application Platform 7; Red Hat Enterprise Linux 9; Red Hat Enterprise Linux 10; Red Hat Fuse 7; Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 9; Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7; Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8; Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7; Red Hat JBoss Enterprise Application Platform; Red Hat JBoss Enterprise Application Platform 8.1; Red Hat build of Apache Camel 4.14.4 for Spring Boot 3.5.11; Red Hat Single Sign-On 7; Red Hat JBoss Enterprise Application Platform 8.0; Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 7; Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 8; Red Hat Process Automation 7; Red Hat Enterprise Linux 8; Red Hat JBoss Enterprise Application Platform Expansion Pack; Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8; Red Hat JBoss EAP 8.1 for RHEL 9; Red Hat JBoss EAP 7.4 ELS for RHEL 8; Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server; Red Hat JBoss EAP 7.4 ELS for RHEL 7 Server; Red Hat JBoss EAP 8.1 for RHEL 8; Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server; Red Hat JBoss EAP 8.0 for RHEL 9; Red Hat JBoss EAP 7.4 ELS for RHEL 9; Red Hat JBoss EAP 8.0 for RHEL 8
CWE ID - CWE-20: Improper Input Validation