Unsafe deserialization in Apache Camel LevelDB component
CVE-2026-25747 is a deserialization of untrusted data vulnerability in the Apache Camel LevelDB component (org.apache.camel:camel-leveldb). The flaw is in the Camel-LevelDB DefaultLevelDBSerializer class, which deserializes data read from the LevelDB aggregation repository using java.io.ObjectInputStream without applying an ObjectInputFilter or class-loading restrictions. If an attacker can write crafted serialized Java objects into the LevelDB database files used by a Camel application, those objects may be deserialized during normal aggregation repository operations, leading to arbitrary code execution in the application context. Reported affected versions are Apache Camel 4.10.0 before 4.10.8 or 4.10.9 depending on advisory stream, 4.14.0 before 4.14.5, and 4.15.0 before 4.18.0.
Are you exposed to this one?
Mallory correlates every CVE against your assets, your vendors, and active adversary campaigns. Know which vulnerabilities matter for you, not just which ones are loud.
Impact, mitigation & remediation
What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.
Impact
What an attacker gets, and what they’ve been doing with it.
Mitigation
If you can’t patch tonight, do this now.
Remediation
Patch, then assume compromise.
Exploits
1 valid exploit after Mallory filtered fakes, detection scripts, and README-only repos.
Repository purpose: a Spring Boot + Apache Camel proof-of-concept reproducer for an unsafe Java deserialization condition in Camel's LevelDB Aggregation Repository serializer (DefaultLevelDBSerializer uses raw ObjectInputStream without an ObjectInputFilter). The PoC demonstrates how a malicious serialized object placed into the LevelDB backing store can be deserialized during repository reads/recovery, leading to code execution if a gadget chain is available. Structure and key files: - pom.xml: Maven build; uses Spring Boot 3.2.0, Apache Camel 4.18.0-SNAPSHOT, and explicitly includes commons-collections:3.2.1 to ensure a known ysoserial gadget chain is on the classpath. - src/main/java/com/example/Application.java: Spring Boot entry point. - src/main/java/com/example/ExploitController.java: Main PoC logic exposing REST endpoints: - GET /exploit/init: creates /tmp/leveldb-exploit/aggregation.db, starts a LevelDBAggregationRepository named "myrepo", and writes a legitimate exchange under key "test-key". - POST /exploit/inject: accepts a hex string, converts to bytes, opens LevelDB directly (org.iq80.leveldb), and writes the bytes as the value for key "myrepo\0malicious-key" (repositoryName + NUL + correlationKey). This simulates an attacker gaining write access to the LevelDB store. - GET /exploit/trigger: starts the repository, enumerates keys, and calls repo.get(camelContext, key) for each key. This forces unmarshalling/deserialization of the stored bytes; a malicious entry triggers gadget execution. - GET /exploit/cleanup: deletes the LevelDB directory/files. - src/main/java/com/example/LevelDBRoute.java and StringAggregationStrategy.java: illustrative Camel aggregation route/strategy; route is intentionally disabled to avoid LevelDB file locking and keep the PoC manual. - src/main/resources/application.properties: sets server.port=8080. Exploit capabilities: - Writes attacker-controlled serialized bytes into the LevelDB store (via provided HTTP endpoint in this PoC). - Triggers deserialization by invoking LevelDBAggregationRepository.get() over stored keys. - Achieves RCE when a gadget chain is present (the project includes commons-collections 3.2.1; README suggests generating payloads with ysoserial CommonsCollections7). Notes on realism/conditions: - In real deployments, the primary prerequisite is an attacker-controlled write into the LevelDB persistence (filesystem access or another vulnerability). This PoC adds a network-accessible injection endpoint to make the condition easy to reproduce.
Affected products & vendors
Products and vendors Mallory has correlated with this vulnerability. Open in Mallory to drill down to specific CPE configurations and version ranges.
Vendor-confirmed product mapping. Mallory continuously reconciles this list against your asset inventory.
Recent activity
8 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
A remote code execution vulnerability in Apache Camel's camel-infinispan component where ProtoStream-based remote aggregation repository data is deserialized with java.io.ObjectInputStream without an ObjectInputFilter, allowing a cache-writing attacker to inject crafted serialized Java objects and achieve arbitrary code execution.
A previously addressed vulnerability of the same class referenced for comparison only; no further details are provided in the content.
A previously addressed Apache Camel vulnerability of the same unsafe Java deserialization class, referenced for comparison only.
The version that knows your environment.
Query your assets running an affected version, and investigate the blast radius.
Every observed campaign linking this CVE to a named adversary.
Malware families riding this exploit, with evidence and IOCs.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Cross-references every affected SKU, including bundled OEM variants.
Community discussion across Reddit, Mastodon, and other social sources.