MEDIUM
quarkiverse
CVE published 2026-05-09
CVE-2026-42333
CVE-2026-42333 affects Quarkus OpenAPI Generator and can cause generated authentication filters to send credentials to unintended endpoints. The issue is an authorization-matching flaw rather than a remote code execution problem, but it can still expose bearer tokens, API keys, or basic credentials to the wrong same-method path.