A vulnerability was found in Apache APISIX up to 3.16.0 and classified as critical . Affected by this issue is some unknown functionality of the component Configuration Handler . Such manipulation leads to insufficient verification of data authenticity. This vulnerability is uniquely identified as CVE-2026-44087 . The attack can be launched remotely. No exploit exists. It is suggested to upgrade the affected component.