Remote Code Execution Risk in Apache Ranger by Apache
CVE-2025-59059

Currently unrated

Key Information:

Vendor

Apache
Status
Apache Ranger
Vendor
CVE Published:
3 March 2026

What is CVE-2025-59059?

A remote code execution vulnerability in the NashornScriptEngineCreator component has been identified in Apache Ranger versions up to 2.7.0. This flaw can potentially allow an attacker to execute arbitrary code remotely, compromising application security. Users are advised to upgrade to version 2.8.0 to mitigate this risk effectively.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Apache Ranger 0 <= 2.7.0

References

https://lists.apache.org/thread/z47q86rho80390lf2qcmoc2jo...
vendor-advisory

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

chengtianyi <chengtianyi@huawei.com>
JSON
.