A vulnerability classified as critical was found in Apache Camel up to 4.14.5/4.18.1/4.19.x . The affected element is the function MinaConverter.toObjectInput of the component Camel-Mina . The manipulation results in deserialization. This vulnerability is reported as CVE-2026-40473 . The attack can be launched remotely. No exploit exists. Upgrading the affected component is advised.