the apache Exploited Vulnerabilities
The apache vulnerabilities known to be exploited. Over the past 365 days, sorted by exploit discovery date.
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
Remote Code Execution Vulnerability in Apache Camel's CoAP Component
CVE-2026-33453ApacheApache Camel👾🟡10CRITICALAuthentication Flaw in Apache Tomcat and Tomcat Native Software
CVE-2026-29145ApacheApache Tomcat👾🟡9.1CRITICALSAML Authentication Bypass in AWS Auth Manager by Apache
CVE-2026-25604ApacheApache Airflow Provide...👾🟡5.4MEDIUMHeader Injection Vulnerability in Apache APISIX by Apache Software Foundation
CVE-2026-31908ApacheApache Apisix👾🟡9.1CRITICALMissing Encryption of Sensitive Data Vulnerability in Apache Tomcat
CVE-2026-34486ApacheApache Tomcat👾🟡7.5HIGHCode Injection Vulnerability in Apache ActiveMQ Broker Up to Version 6.2.2
CVE-2026-34197ApacheApache ActiveMQ Broker📈💰👾🟡EPSS 65%🦅📰8.8HIGHRemote Code Execution Risk in Apache Ranger by Apache
CVE-2025-59059ApacheApache Ranger👾🟡9.8CRITICALPath Traversal Vulnerability in Apache Livy by Apache
CVE-2025-66249ApacheApache Livy👾🟡6.3MEDIUMUnauthorized File Access Vulnerability in Apache Livy from Apache
CVE-2025-60012ApacheApache Livy👾🟡6.3MEDIUMDeserialization Vulnerability in Apache Camel LevelDB Component by Apache
CVE-2026-25747ApacheApache Camel Leveldb👾🟡8.8HIGHCross-Realm Token Acceptance Bypass in Apache Camel Keycloak Component
CVE-2026-23552ApacheApache Camel👾🟡9.1CRITICALInput Validation Flaw in Apache Solr Affects Core Creation Process
CVE-2026-22444ApacheApache Solr👾🟡7.1HIGHRemote Command Injection in Apache bRPC Heap Profiler Service
CVE-2025-60021ApacheApache Brpc👾🟡9.8CRITICALMissing XML Validation Vulnerability in Apache Struts by Apache
CVE-2025-68493ApacheApache Struts👾🟡📰8.1HIGHServer Side Includes Vulnerability in Apache HTTP Server by The Apache Software Foundation
CVE-2025-58098ApacheApache Http Server👾🟡8.3HIGHLate Memory Release Vulnerability in Apache HTTP Server
CVE-2025-53020ApacheApache Http Server👾🟡7.5HIGHXML External Entity Injection in Apache Tika Products
CVE-2025-66516ApacheApache Tika Core👾🟡📰10CRITICALDenial of Service Vulnerability in Apache Struts by Apache
CVE-2025-64775ApacheApache Struts👾📰7.5HIGHUnrestricted Upload of Dangerous File Type in Apache OFBiz
CVE-2025-59118ApacheApache Ofbiz👾🟡7.3HIGHRelative Path Traversal Vulnerability in Apache Tomcat by Apache
CVE-2025-55752ApacheApache Tomcat🥇📈👾🟡📰7.5HIGHAccess Control Bypass in Apache HTTP Server with mod_ssl
CVE-2025-23048ApacheApache Http Server👾🟡9.1CRITICALDeserialization Vulnerability in Pyfory and Legacy Pyfury Software
CVE-2025-61622ApacheApache Fory👾🟡9.8CRITICALXML External Entity Injection Vulnerability in Apache Tika PDF Parsing Module
CVE-2025-54988ApacheApache Tika PDF Parser...👾🟡📰8.4HIGHRemote Code Execution Vulnerability in XAMPP WebDAV by Apache Friends
CVE-2012-10062Apache FriendsXampp👾🟡EPSS 57%8.7HIGHArbitrary File Read and SSRF Vulnerability in Apache Kafka Client by Apache
CVE-2025-27817ApacheApache Kafka Client👾🟡EPSS 22%7.5HIGH