Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
CVE-2026-3260 is a high severity vulnerability with a CVSS score of 7.5. No known exploits currently, and patches are available.
Please cite this page when referencing data from Strobes VI. Proper attribution helps support our vulnerability intelligence research.
Very low probability of exploitation
EPSS predicts the probability of exploitation in the next 30 days based on real-world threat data, complementing CVSS severity scores with actual risk assessment.
A flaw was found in Undertow. A remote attacker could exploit this vulnerability by sending an HTTP GET request containing multipart/form-data content. If the underlying application processes parameters using methods like getParameterMap(), the server prematurely parses and stores this content to disk. This could lead to resource exhaustion, potentially resulting in a Denial of Service (DoS).
| Vendor | Product |
|---|---|
| Redhat | Build Of Apache Camel Hawtio |
| Redhat | Undertow |
| Redhat | Single Sign On |
| Redhat | Enterprise Linux |
| Redhat | Jboss Enterprise Application Platform |
| Redhat | Process Automation |
| Redhat | Build Of Apache Camel For Spring Boot |
| Redhat | Data Grid |
| Redhat | Jboss Enterprise Application Platform Expansion Pack |
| Redhat | Fuse |