A vulnerability described as critical has been identified in Apache Camel up to 4.18.1/4.19.x . This issue affects some unknown processing of the component Camel-PQC . Executing a manipulation can lead to deserialization. This vulnerability is registered as CVE-2026-40048 . It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is recommended.