Apache Karaf Decanter vulnerabilities

CVE-2026-24656 [LOW] CWE-502 CVE-2026-24656: Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket collector exposes the port 4560, without authentication. If the collector exposes allowed classes property, this configuration can be bypassed. It means that the log socket collector is vulnerable to deserialization of untrusted data, eventually causing D