{"vulnerability": "CVE-2026-46455", "sightings": [{"uuid": "f1cef729-cb7e-4ed3-b12a-bd31c23eccc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46455", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mpwcuibuak27", "content": "CVE-2026-46455: Apache Camel: Camel-Keycloak: The access-token validity window is not verified because the IS_ACTIVE check is missing from the TokenVerifier, allowing expired tokens to be accepted", "creation_timestamp": "2026-07-05T19:31:39.358735Z"}, {"uuid": "949fe04d-2b37-4bab-ab77-d3c277e6feaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46455", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mpywepxbu62k", "content": "CVE-2026-46455 - apache camel\nApache Camel's Keycloak component fails to verify access token expiration dates, allowing expired tokens to be accepted. This issue affects Apache Camel versions\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#apachecamel #apachefoundation #CVE #infosec", "creation_timestamp": "2026-07-06T20:26:06.419098Z"}]}