Apache News Articles
Recent news articles referencing the vendor's vulnerabilities.
Years-Old Apache Struts2 Vulnerability Downloaded 325K+ Times in the Past Week
AI-discovered Apache Struts vulnerability CVE-2025-68493 is still widely used, with over 380,000 downloads of vulnerable versions in just one week.
2 weeks ago
Critical Apache Struts 2 Vulnerability Allow Attackers to Steal Sensitive Data
XML external entity (XXE) injection flaw found in Apache Struts 2, exposing millions of applications to data theft and server compromise.
2 weeks ago
Apache Struts 2 Vulnerability CVE-2025-68493 Exposes Sensitive Data
Discover the critical Apache Struts 2 vulnerability CVE-2025-68493 that exposes sensitive data. Learn how to protect your applications from data breaches and Denial-of-Service attacks.
2 weeks ago
Critical Apache Struts 2 Flaw Could Let Attackers Steal Sensitive Data
A vulnerability in Apache Struts 2’s XWork component could expose sensitive data and open the door to denial‑of‑service and server‑side request forgery (SSRF).
2 weeks ago
Atlassian fixed maximum severity flaw CVE-2025-66516 in Apache Tika
Atlassian released security updates to address dozens of flaws, including multiple critical-severity vulnerabilities.
Critical CVE-2025-66516 Exposes Apache Tika to XXE Attacks Across Core and Parser Modules - IT Security News
A newly disclosed vulnerability in Apache Tika has had the cybersecurity community seriously concerned because researchers have confirmed that it holds a maximum CVSS severity score of 10.0. Labeled as CVE-2025-66516, the vulnerability facilitates XXE attacks and may allow…
Over 500 Apache Tika Instances Exposed Online to Critical XXE Attacks
CVE-2025-66516, carrying the maximum CVSS severity score of 10.0, represents a significant threat to organizations deploying vulnerable versions of the widely used document processing framework.
500+ Apache Tika Toolkit Instances Vulnerable to Critical XXE Attack Exposed Online
Apache Tika servers online are affected by a critical XXE vulnerability, which could let attackers steal data, cause DoS attacks.
Apache Tika CVE Expands To Critical Multi-Module Flaw
New advisory reveals Apache Tika’s XXE flaw affects multiple modules, requiring urgent updates.
Apache Issues Max-Severity Tika CVE After Patch Miss
The Apache Software Foundation's earlier fix for a critical Tika flaw missed the full scope of the vulnerability, prompting an updated advisory and CVE.
CVE-2025-66516: Maximum-Severity Vulnerability in Apache Tika Could Lead to XML External Entity Injection Attack | SOC Prime
Explore details for CVE-2025-66516 vulnerability in Apache Tika, causing XML External Entity Injection, with a deep analysis on our SOC Prime blog.
Apache warns of 10.0-rated flaw in Tika metadata toolkit
Infosec in Brief The Apache Foundation last week warned of a 10.0-rated flaw in its Tika toolkit. Tika detects and extracts metadata from over 1,000 different file formats. Last August, Apache reported...
Critical Apache Tika Vulnerability Leads to XXE Injection
CVE-2025-66516 is a critical Apache Tika vulnerability that can be exploited on all platforms in XXE injection attacks via crafted PDF files.
Apache Tika hit by critical vulnerability thought to be patched months ago
The scope of an old PDF parsing flaw has been widened to include more Tika modules.
Maximum-severity XXE vulnerability discovered in Apache Tika
A maximum severity vulnerability in Apache Tika, tracked as CVE-2025-66516 (CVSS score of 10.0), allows XML external entity attacks.
Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch
Critical XXE flaw CVE-2025-66516 affects multiple Apache Tika modules, exposing systems and requiring urgent updates.
Critical Apache Tika Core Vulnerability Exploited Through Malicious PDF Uploads
The flaw allows attackers to exploit systems by uploading specially crafted PDF files containing malicious XFA (XML Forms Architecture) content.
Apache Tika Core Flaw Allows Attackers to Exploit Systems with Malicious PDF Uploads
A newly disclosed critical vulnerability in Apache Tika could allow attackers to compromise servers by simply uploading a malicious PDF file.
Apache Struts Vulnerability Let Attackers Trigger Disk Exhaustion Attacks
Researchers found a flaw in Apache Struts that could allow attackers to trigger disk exhaustion attacks, rendering affected systems unusable.
Apache Struts Vulnerability Lets Attackers Trigger Disk Exhaustion Attacks
The flaw, identified as CVE-2025-64775, enables attackers to perform disk exhaustion denial-of-service (DoS) attacks that can render affected systems completely unavailable.
CVE-2025-55752 and CVE-2025-55754: Apache Tomcat Vulnerabilities Expose Servers to RCE Attacks | SOC Prime
Explore CVE-2025-55752 & CVE-2025-55754 vulnerabilities in Apache Tomcat, exposing servers to RCE, with the details on the SOC Prime blog.
Apache Tomcat CVE-2025-55752, 55754 Security Flaws
Apache warns of CVE-2025-55752 and CVE-2025-55754 in Tomcat 9–11, risking remote code execution and console attacks. Urgent updates are strongly advised.
Apache Tomcat Vulnerability: Update Now to Avoid Security Risks
Critical vulnerabilities discovered in Apache Tomcat. Urgent updates to prevent cyberattacks and protect web applications.