Apache Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by apache
Vulnerability Published:
- ๐๏ธ Published - - Anytime 
Sort By:
- ๐๏ธ Published Date - - Descending 
- Relative Path Traversal Vulnerability in Apache Tomcat by ApacheCVE-2025-55752ApacheApache Tomcat๐๐พ๐ก๐ฐ7.5HIGH
- Improper Control Sequence Neutralization in Apache Tomcat by Apache Software FoundationCVE-2025-55754ApacheApache Tomcat9.6CRITICAL
- Remote Code Execution in Apache Syncope Due to Groovy Code Injection VulnerabilityCVE-2025-57738ApacheApache Syncope7.2HIGH
- CSRF Vulnerability in Apache Geode Management and Monitoring APICVE-2025-47410ApacheApache Geode8.8HIGH
- Inefficient Regular Expression Complexity Vulnerability in Apache Traffic ControlCVE-2025-61581ApacheApache Traffic Control7.5HIGH
- Deserialization Vulnerability in Apache ActiveMQ NMS AMQP ClientCVE-2025-54539ApacheApache ActiveMQ Nms AM...9.8CRITICAL
- Incorrect Execution-Assigned Permissions Vulnerability in Apache StreamParkCVE-2025-30001ApacheApache Streampark7.3HIGH
- Server-Side Request Forgery Vulnerability in Apache Kylin by ApacheCVE-2025-61735ApacheApache Kylin7.3HIGH
- Authentication Bypass Vulnerability in Apache Kylin Affects UsersCVE-2025-61733ApacheApache Kylin7.5HIGH
- Files Accessible to External Parties in Apache Kylin by ApacheCVE-2025-61734ApacheApache Kylin7.5HIGH
- Deserialization Vulnerability in Pyfory and Legacy Pyfury SoftwareCVE-2025-61622ApacheApache Fory๐พ๐ก9.8CRITICAL
- Apache IoTDB Vulnerability in Version Range 1.3.3 to 2.0.4CVE-2025-48392ApacheApache Iotdb7.5HIGH
- LDAP Injection Vulnerability in Apache HertzBeat Affects User SecurityCVE-2025-48208ApacheApache Hertzbeat (incu...8.8HIGH
- XML Injection Vulnerability in Apache HertzBeatCVE-2025-24404ApacheApache Hertzbeat (incu...8.8HIGH
- Incorrect Default Permissions Vulnerability in Apache DolphinScheduler by ApacheCVE-2024-43166ApacheApache Dolphinscheduler9.8CRITICAL
- Improper Input Validation in Apache DolphinScheduler by ApacheCVE-2024-43115ApacheApache Dolphinscheduler8.8HIGH
- Remote Code Execution Vulnerability in XAMPP WebDAV by Apache FriendsCVE-2012-10062Apache FriendsXampp๐พ๐กEPSS 50%8.7HIGH
- Privilege Escalation Vulnerability in Apache Cassandra by The Apache Software FoundationCVE-2025-26467ApacheApache Cassandra8.8HIGH
- SQL Injection Vulnerability in Apache StreamPark by ApacheCVE-2024-48988ApacheApache Streampark7.6HIGH
- XML External Entity Injection Vulnerability in Apache Tika PDF Parsing ModuleCVE-2025-54988ApacheApache Tika PDF Parser...๐พ๐ก8.4HIGH
- Improper Neutralization of Expression/Command Delimiters in Apache Commons OGNLCVE-2025-53192ApacheApache Commons Ognl8.8HIGH
- Memory Allocation Flaw in Apache bRPC Redis Protocol ParserCVE-2025-54472ApacheApache Brpc7.5HIGH
- Improper Resource Shutdown Vulnerability in Apache Tomcat by ApacheCVE-2025-48989ApacheApache Tomcat7.5HIGH
- Deserialization Vulnerability in Apache Seata by ApacheCVE-2025-53606ApacheApache Seata (incubating)9.8CRITICAL
- RMI and LDAP URL Configuration Vulnerability in Apache CXFCVE-2025-48913ApacheApache Cxf9.8CRITICAL