Apache Exploited Vulnerabilities
Apache vulnerabilities known to be exploited. Over the past 365 days, sorted by exploit discovery date.
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
Basic Authentication Flaw in Apache Solr Affects User Security
CVE-2026-44825ApacheApache Solr👾🟡8.1HIGHImproper Authorization Vulnerability in Apache Tomcat by Apache
CVE-2026-43515ApacheApache Tomcat👾🟡9.1CRITICALMemory Allocation Vulnerability in Apache HTTP Server by Apache
CVE-2026-49975ApacheApache Http Server📈💰👾🟡EPSS 11%📰7.5HIGHCode Injection Vulnerability in Apache ActiveMQ Broker by Apache
CVE-2026-42588ApacheApache ActiveMQ Broker👾🟡8.1HIGHServer-Side Request Forgery in Apache Flink Kubernetes Operator
CVE-2026-40564ApacheApache Flink Kubernete...👾🟡6.5MEDIUMTiming Attack Vulnerability in Apache HTTP Server Affects Digest Authentication
CVE-2026-33006ApacheApache Http Server👾🟡4.8MEDIUMDouble Free and Remote Code Execution Vulnerability in Apache HTTP Server
CVE-2026-23918ApacheApache Http Server📈👾🟡EPSS 45%📰8.8HIGHArbitrary Code Execution Vulnerability in Apache MINA by Apache
CVE-2026-42779ApacheApache Mina👾🟡9.8CRITICALRemote Code Execution Vulnerability in Apache Camel's CoAP Component
CVE-2026-33453ApacheApache Camel👾🟡10CRITICALAuthentication Flaw in Apache Tomcat and Tomcat Native Software
CVE-2026-29145ApacheApache Tomcat👾🟡9.1CRITICALSAML Authentication Bypass in AWS Auth Manager by Apache
CVE-2026-25604ApacheApache Airflow Provide...👾🟡5.4MEDIUMHeader Injection Vulnerability in Apache APISIX by Apache Software Foundation
CVE-2026-31908ApacheApache Apisix👾🟡9.1CRITICALMissing Encryption of Sensitive Data Vulnerability in Apache Tomcat
CVE-2026-34486ApacheApache Tomcat📈👾🟡EPSS 15%7.5HIGHCode Injection Vulnerability in Apache ActiveMQ Broker Up to Version 6.2.2
CVE-2026-34197ApacheApache ActiveMQ Broker📈💰👾🟡EPSS 96%🦅📰8.8HIGHRemote Code Execution Risk in Apache Ranger by Apache
CVE-2025-59059ApacheApache Ranger👾🟡9.8CRITICALPath Traversal Vulnerability in Apache Livy by Apache
CVE-2025-66249ApacheApache Livy👾🟡6.3MEDIUMUnauthorized File Access Vulnerability in Apache Livy from Apache
CVE-2025-60012ApacheApache Livy👾🟡6.3MEDIUMDeserialization Vulnerability in Apache Camel LevelDB Component by Apache
CVE-2026-25747ApacheApache Camel Leveldb👾🟡8.8HIGHCross-Realm Token Acceptance Bypass in Apache Camel Keycloak Component
CVE-2026-23552ApacheApache Camel👾🟡9.1CRITICALInput Validation Flaw in Apache Solr Affects Core Creation Process
CVE-2026-22444ApacheApache Solr👾🟡7.1HIGHRemote Command Injection in Apache bRPC Heap Profiler Service
CVE-2025-60021ApacheApache Brpc👾🟡EPSS 26%9.8CRITICALMissing XML Validation Vulnerability in Apache Struts by Apache
CVE-2025-68493ApacheApache Struts👾🟡EPSS 23%📰8.1HIGHServer Side Includes Vulnerability in Apache HTTP Server by The Apache Software Foundation
CVE-2025-58098ApacheApache Http Server👾🟡8.3HIGHLate Memory Release Vulnerability in Apache HTTP Server
CVE-2025-53020ApacheApache Http Server👾🟡7.5HIGHXML External Entity Injection in Apache Tika Products
CVE-2025-66516ApacheApache Tika Core👾🟡EPSS 79%📰10CRITICAL