Apache · Camel-Knative · CVE-2026-47323
**Name of the Vulnerable Software and Affected Versions**
Apache Camel (affected versions not specified)
**Description**
An unauthenticated attacker can perform message header injection due to missing inbound filtering in the `CxfRsHeaderFilterStrategy` and Knative `HeaderFilterStrategy` implementations. This allows the injection of Camel-internal headers to override configured values, which can lead to remote code execution or arbitrary file writes.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.