Apache News Articles

Recent news articles referencing the vendor's vulnerabilities.

Critical CVE-2025-66516 Exposes Apache Tika to XXE Attacks Across Core and Parser Modules - IT Security News

A newly disclosed vulnerability in Apache Tika has had the cybersecurity community seriously concerned because researchers have confirmed that it holds a maximum CVSS severity score of 10.0. Labeled as CVE-2025-66516, the vulnerability facilitates XXE attacks and may allow…

4 days ago

Over 500 Apache Tika Instances Exposed Online to Critical XXE Attacks

CVE-2025-66516, carrying the maximum CVSS severity score of 10.0, represents a significant threat to organizations deploying vulnerable versions of the widely used document processing framework.

4 days ago

500+ Apache Tika Toolkit Instances Vulnerable to Critical XXE Attack Exposed Online

Apache Tika servers online are affected by a critical XXE vulnerability, which could let attackers steal data or cause DoS attacks.

4 days ago

Apache Tika CVE Expands To Critical Multi-Module Flaw

New advisory reveals Apache Tika’s XXE flaw affects multiple modules, requiring urgent updates.

4 days ago

CVE-2025-66516: Maximum-Severity Vulnerability in Apache Tika Could Lead to XML External Entity Injection Attack | SOC Prime

Explore details for CVE-2025-66516 vulnerability in Apache Tika, causing XML External Entity Injection, with a deep analysis on our SOC Prime blog.

5 days ago

Apache warns of 10.0-rated flaw in Tika metadata toolkit

Infosec in Brief: The Apache Foundation last week warned of a 10.0-rated flaw in its Tika toolkit. Tika detects and extracts metadata from over 1,000 different file formats. Last August, Apache reported...

5 days ago

Critical Apache Tika Vulnerability Leads to XXE Injection

CVE-2025-66516 is a critical Apache Tika vulnerability that can be exploited on all platforms in XXE injection attacks via crafted PDF files.

6 days ago

Apache Tika hit by critical vulnerability thought to be patched months ago

The scope of an old PDF parsing flaw has been widened to include more Tika modules.

6 days ago

Maximum-severity XXE vulnerability discovered in Apache Tika

A maximum severity vulnerability in Apache Tika, tracked as CVE-2025-66516 (CVSS score of 10.0), allows XML external entity attacks.

1 week ago

Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch

Critical XXE flaw CVE-2025-66516 affects multiple Apache Tika modules, exposing systems and requiring urgent updates.

1 week ago

Critical Apache Tika Core Vulnerability Exploited Through Malicious PDF Uploads

The flaw allows attackers to exploit systems by uploading specially crafted PDF files containing malicious XFA (XML Forms Architecture) content.

1 week ago

Apache Tika Core Flaw Allows Attackers to Exploit Systems with Malicious PDF Uploads

A newly disclosed critical vulnerability in Apache Tika could allow attackers to compromise servers by simply uploading a malicious PDF file.

1 week ago

Apache Struts Vulnerability Let Attackers Trigger Disk Exhaustion Attacks

Researchers found a flaw in Apache Struts that could allow attackers to trigger disk exhaustion attacks, rendering affected systems unusable.

2 weeks ago

Apache Struts Vulnerability Lets Attackers Trigger Disk Exhaustion Attacks

The flaw, identified as CVE-2025-64775, enables attackers to perform disk exhaustion denial-of-service (DoS) attacks that can render affected systems completely unavailable.

2 weeks ago

CVE-2025-55752 and CVE-2025-55754: Apache Tomcat Vulnerabilities Expose Servers to RCE Attacks | SOC Prime

Explore CVE-2025-55752 & CVE-2025-55754 vulnerabilities in Apache Tomcat, exposing servers to RCE, with the details on the SOC Prime blog.

Apache Tomcat CVE-2025-55752, 55754 Security Flaws

Apache warns of CVE-2025-55752 and CVE-2025-55754 in Tomcat 9–11, risking remote code execution and console attacks. Urgent updates are strongly advised.

Apache Tomcat Vulnerability: Update Now to Avoid Security Risks

Critical vulnerabilities discovered in Apache Tomcat. Urgent updates to prevent cyberattacks and protect web applications.

Apache Tomcat Security Vulnerabilities Expose Servers to Remote Code Execution Attacks

The Apache Software Foundation has highlighted critical flaws in Apache Tomcat, a widely used open-source Java servlet container that powers numerous web applications.

Apache ActiveMQ Flaw Exploited to Deploy DripDropper Malware on Cloud Linux Systems

Attackers exploit CVE-2023-46604 in Apache ActiveMQ, deploy DripDropper malware, then patch flaw to secure persistence.

'DripDropper' Hackers Patch Their Own Exploit

An attacker is breaking into Linux systems via a widely abused 2-year-old vulnerability in Apache ActiveMQ, installing malware and then patching the flaw.

GreyNoise Observes Active Exploitation of Critical Apache Tomcat RCE Vulnerability (CVE-2025-24813)

Attackers are actively exploiting Apache Tomcat servers by leveraging CVE-2025-24813. If successfully exploited it could enable remote code execution. GreyNoise has identified multiple IPs engaging in this activity across multiple regions.

SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware

A threat actor has been deploying a previously unseen malware called OVERSTEP that modifies the boot process of fully-patched but no longer supported SonicWall Secure Mobile Access appliances.

Apache Under the Lens: Tomcat’s Partial PUT and Camel’s Header Hijack

We analyze CVE-2025-24813 (Tomcat Partial PUT RCE), CVE-2025-27636 and CVE-2025-29891 (Camel Header Hijack RCE).

Apache Tomcat and Camel Vulnerabilities Actively Exploited in The Wild

Apache Tomcat & Camel flaws (CVE-2025 series) hit 125K+ times in 70+ countries; bugs allow remote code execution on Java platforms.

Apache Tomcat and Camel Vulnerabilities Actively Targeted in Cyberattacks

The Apache Foundation disclosed several critical vulnerabilities affecting two of its widely used software platforms, Apache Tomcat and Apache Camel.

Apache Traffic Server CVE-2025-49763 Memory Exhaustion Risk

CVE-2025-49763 in Apache Traffic Server’s ESI plugin enables DoS attacks via memory exhaustion. Upgrade ATS and configure ACL settings to mitigate risks.

Apache InLong CVE-2025-27522 Exposes RCE Attacks

CVE-2025-27522 affects Apache InLong 1.13.0–2.1.0, enabling remote code execution via unsafe deserialization.

Apache Tomcat CGI Servlet Flaw Enables Security Constraint Bypass

The flaw, announced on May 29, 2025, is rooted in the improper handling of case sensitivity within the pathInfo component of URLs mapped to the CGI servlet.

Apache InLong JDBC Vulnerability Enables Deserialization of Untrusted Data

The flaw, affecting versions 1.13.0 through 2.1.0, centers on the deserialization of untrusted data during JDBC verification processing.

Recent Apache Tomcat RCE Vulnerabilities

There has been a recent string of media-hyped open-source component vulnerabilities in Apache Tomcat over the last several weeks. One of these (CVE-2025-24813) is receiving heightened scrutiny because it is...

Apache Tomcat Vulnerability Allows Remote Code Execution - PoC Released

A critical path equivalence vulnerability in Apache Tomcat, designated CVE-2025-24813, has been actively exploited in the wild.

Apache Parquet exploit tool detects servers vulnerable to critical flaw

A proof-of-concept exploit has been publicly released for a maximum severity Apache Parquet vulnerability, tracked as CVE-2025-30065, making it easy to find vulnerable servers.

Apache Parquet Java Vulnerability CVE-2025-46762 RCE Risk

A vulnerability in Apache Parquet Java (CVE-2025-46762) exposes systems to remote code execution (RCE) attacks.

PoC Published for Exploited SonicWall Vulnerabilities

PoC code targeting two exploited SonicWall vulnerabilities was published just as CISA added them to the KEV catalog.

watchTowr Warns of Active Exploitation of SonicWall SMA 100 Devices

watchTowr reveals active exploitation of SonicWall SMA 100 vulnerabilities (CVE-2024-38475 & CVE-2023-44221) leading to full system takeover.

CISA Confirms Exploitation of SonicWall Vulnerabilities

The US Cybersecurity and Infrastructure Security Agency has added two flaws affecting SonicWall products to its catalog of Known Exploited Vulnerabilities.

Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221) - Help Net Security

Attackers have exploited known vulnerabilities (CVE-2024-38475, CVE-2023-44221) to compromise SonicWall secure mobile access devices.

CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

SonicBoom, From Stolen Tokens to Remote Shells - SonicWall SMA (CVE-2023-44221, CVE-2024-38475)

Another day, another edge device being targeted - it’s a typical Thursday! In today’s blog post, we’re excited to share our previously private analysis of the now exploited in-the-wild N-day vulnerabilities affecting SonicWall’s SMA100 appliance. Over the last few months, our client base has fed us

Apache ActiveMQ Vulnerability Allows Remote Attackers to Execute Arbitrary Code

A critical security vulnerability (CVE-2025-29953) in Apache ActiveMQ’s NMS OpenWire Client has been disclosed, enabling remote attackers.

Two SonicWall SMA100 flaws actively exploited in the wild

SonicWall confirmed that threat actors actively exploited two vulnerabilities impacting its SMA100 Secure Mobile Access (SMA) appliances.

SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models

SonicWall confirms wild exploitation of CVE-2023-44221 and CVE-2024-38475 in SMA100 devices, risking file access and session hijacking.

SonicWall Flags Two More Vulnerabilities as Exploited

SonicWall has updated the advisories for two vulnerabilities to warn that they are being exploited in the wild.

Multiple Vulnerabilities in Apache Tomcat Software

The Apache Software Foundation has released updates addressing multiple vulnerabilities affecting their Apache Tomcat software. Users and administrators of...

Critical Vulnerability in Apache Roller

Apache Software Foundation has released updates addressing a critical vulnerability affecting their Apache Roller. Users and administrators of the affected...

Max Severity Bug in Apache Roller Enabled Persistent Access

The remediated flaw gave adversaries a way to maintain access to the app through password resets.

Critical Apache Roller flaw allows attackers to retain unauthorized access even after a password change

A critical flaw (CVE-2025-24859) in Apache Roller lets attackers keep access even after password changes. All versions ≤6.1.4 are affected.

Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence

Apache Roller flaw CVE-2025-24859 keeps sessions active after password changes, risking persistent access.

Apache Roller Vulnerability Allows Hackers to Bypass Access Controls

A newly disclosed vulnerability in Apache Roller, the popular open-source blog server, could allow attackers to bypass critical access controls.
