Apache Latest High & Critical Vulnerabilities

Latest High & Critical vulnerabilities published by apache

JSON RSS CSV 🔔 Create Alert Trigger

12 June 2026

Apache CXF: No restriction on attachment headers per message
CVE-2026-50645
ApacheApache Cxf7.5HIGH
Apache CXF: JNDI Injection vulnerability in DispatchMDBMessageListenerImpl
CVE-2026-50633
ApacheApache Cxf8.1HIGH
Apache CXF: JNDI Injection Vulnerability in JMSConfigFactory
CVE-2026-50632
ApacheApache Cxf8.1HIGH
Apache CXF: OAuth2: TOCTOU Race Condition in Refresh Token Processing
CVE-2026-50631
ApacheApache Cxf7.4HIGH

10 June 2026

8 June 2026

4 June 2026

Apache Fory: Java ReplaceResolverSerializer deserialization checks bypass
CVE-2026-50076
ApacheApache Fory9.1CRITICAL

3 June 2026

Filter Bypass Vulnerability in Apache Product
CVE-2026-47065
ApacheApache Mina9.8CRITICAL

1 June 2026