diff --git a/independent-projects/resteasy-reactive/common/runtime/src/main/java/org/jboss/resteasy/reactive/common/headers/MediaTypeHeaderDelegate.java b/independent-projects/resteasy-reactive/common/runtime/src/main/java/org/jboss/resteasy/reactive/common/headers/MediaTypeHeaderDelegate.java
index 88977f12023af..ed26840ce0c67 100644
--- a/independent-projects/resteasy-reactive/common/runtime/src/main/java/org/jboss/resteasy/reactive/common/headers/MediaTypeHeaderDelegate.java
+++ b/independent-projects/resteasy-reactive/common/runtime/src/main/java/org/jboss/resteasy/reactive/common/headers/MediaTypeHeaderDelegate.java
@@ -80,6 +80,9 @@ private static MediaType internalParse(String type) {
 } else {
 major = type.substring(0, typeIndex);
 if (paramIndex > -1) {
+ if (typeIndex + 1 > paramIndex) {
+ throw new IllegalArgumentException("Failed to parse media type " + type);
+ }
 subtype = type.substring(typeIndex + 1, paramIndex);
 } else {
 subtype = type.substring(typeIndex + 1);
diff --git a/independent-projects/resteasy-reactive/common/runtime/src/test/java/org/jboss/resteasy/reactive/common/headers/MediaTypeHeaderDelegateTest.java b/independent-projects/resteasy-reactive/common/runtime/src/test/java/org/jboss/resteasy/reactive/common/headers/MediaTypeHeaderDelegateTest.java
new file mode 100644
index 0000000000000..4141af5ff6c26
--- /dev/null
+++ b/independent-projects/resteasy-reactive/common/runtime/src/test/java/org/jboss/resteasy/reactive/common/headers/MediaTypeHeaderDelegateTest.java
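Review bot: The guard added before `subtype = type.substring(typeIndex + 1, paramIndex);` in MediaTypeHeaderDelegate.java has no comment saying which input shape it rejects, and `typeIndex + 1 > paramIndex` takes a moment to decode. Going by the test input `"x; /x"`, it appears to cover a `/` that first occurs after the `;`; a comment such as `// '/' only occurs after ';' (e.g. "x; /x"): reject here instead of letting substring() throw` would make that explicit. The message also echoes the raw, client-supplied header value, so it is worth confirming that whatever maps this exception to a response or log entry encodes or truncates it. internalParse begins and ends outside the hunk.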
@@ -0,0 +1,21 @@
+package org.jboss.resteasy.reactive.common.headers;
+
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
+
+public class MediaTypeHeaderDelegateTest {
+
+ public void parsingBrokenMediaTypeShouldThrowIllegalArgumentException_minimized() {
+ Assertions.assertThrows(IllegalArgumentException.class, () -> {
+ MediaTypeHeaderDelegate.parse("x; /x");
+ });
+ }
+
+ @Test
+ public void parsingBrokenMediaTypeShouldThrowIllegalArgumentException_actual() {
+ Assertions.assertThrows(IllegalArgumentException.class, () -> {
+ MediaTypeHeaderDelegate.parse("() { ::}; echo \"NS:\" $(/bin/sh -c \"expr 123456 - 123456\")");
+ });
+ }
+
+}
\ No newline at end of file
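Review bot: `parsingBrokenMediaTypeShouldThrowIllegalArgumentException_minimized()` carries no `@Test` annotation, so JUnit 5 will not discover it and only the `_actual` case runs. Add `@Test` on the line above the method. The minimized input `"x; /x"` is the case that pins the exact shape the new guard rejects, so it is the more valuable regression test of the two and should not be silently skipped.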