Apache
Monthly
Privilege escalation via improper authorization in Apache ActiveMQ before 5.19.8 and 6.0.0 before 6.2.7 lets an authenticated low-privilege Web Console user reach the administrative /admin/* paths that should be restricted to administrators. The flaw stems from default Jetty configuration that failed to scope those paths to admin roles, granting low-priv users administrative Web Console functionality. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Denial of service in Apache ActiveMQ (Client, broker, and All distributions) before 5.19.8 and 6.x before 6.2.7 lets a remote unauthenticated attacker crash the broker by sending a crafted WireFormatInfo frame containing an oversized size value during the pre-authentication protocol negotiation. Because the size is consumed before any authentication occurs, the broker attempts a massive memory allocation, triggering an out-of-memory condition and process crash. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV; the fix is shipped in 6.2.7 and 5.19.8.
Remote denial of service in Apache ActiveMQ (versions 5.19.7 and 6.2.6) allows an unauthenticated attacker to exhaust broker heap memory and crash the service with an OutOfMemory error. The flaw is a regression introduced by the fix for CVE-2026-49270: an attacker repeatedly sends OpenWire BrokerInfo commands while never sending the expected ConnectionInfo, causing unbounded state accumulation until the broker dies. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the unauthenticated network reachability makes it a credible availability threat to exposed brokers.
Unauthorized message consumption in Apache ActiveMQ Classic lets a connected client read from temporary destinations belonging to a different connection, breaking the per-connection isolation that applications rely on. The root cause is that the isolation check is enforced only client-side, so a malicious or rogue client can subscribe to and drain another connection's temporary queue/topic. It affects ActiveMQ (Broker/All/Classic) before 5.19.8 and 6.0.0 before 6.2.7; there is no public exploit identified at time of analysis, and it is not in CISA KEV.
Denial of service in Apache ActiveMQ (versions before 5.19.8, and 6.0.0 before 6.2.7) lets an authenticated user crash the broker by sending a crafted OpenWire message whose property map declares an excessively large encoded size. Because the map is unmarshaled without validating the declared size against actual payload bounds, the broker pre-allocates massive memory and hits an OutOfMemory condition. No public exploit identified at time of analysis and the issue is not in CISA KEV, but the low attack complexity and availability of a vendor patch make it a practical operational concern for exposed brokers.
Unbounded heap consumption in Apache ActiveMQ's STOMP NIO codec allows an unauthenticated remote client to crash the broker by streaming non-terminating header bytes that the JVM buffers without limit until memory is exhausted. All three affected Maven artifacts (apache-activemq, activemq-all, activemq-stomp) are impacted in versions before 5.19.8 and in the 6.0.0-6.2.6 range. No public exploit code or active exploitation has been identified at time of analysis, but the unauthenticated, low-complexity network attack surface against a widely-deployed enterprise broker makes this a credible denial-of-service risk for any deployment with an exposed STOMP port.
Stored cross-site scripting in Apache ActiveMQ Web Console allows an authenticated message producer to inject malicious JavaScript via a crafted JMS message ID, which executes in the browser of any administrator who browses the affected queue. The browse page renders message IDs without HTML sanitization, enabling privilege escalation from producer to administrator via session hijacking or credential theft. No public exploit identified at time of analysis and not listed in CISA KEV; rated moderate severity by Apache, consistent with the authentication prerequisite and required user interaction.
Authentication bypass in Apache Tomcat (7.0.0-7.0.109, 8.5.0-8.5.100, 9.0.0.M1-9.0.100, 10.1.0-M1-10.1.36, 11.0.0-M1-11.0.4) lets remote attackers authenticate without supplying the correct password when the JNDIRealm is configured to validate credentials via GSSAPI bind. The flaw (CWE-304, Missing Critical Step in Authentication) means the realm accepts a bind as successful even when the password verification step is effectively skipped. There is no public exploit identified at time of analysis, EPSS risk is low (0.21%, 12th percentile), and it is not listed in CISA KEV.
Improper Authorization (CWE-285) in Apache Tomcat's default servlet allows HTTP method-based and method-omission security constraints to be silently bypassed across all major supported Tomcat branches from 7.0.x through 11.0.x. An attacker can perform HTTP operations - such as PUT or DELETE - that the web.xml security constraint configuration was intended to restrict, potentially enabling unauthorized file upload, modification, or deletion on the default servlet's served content. No active exploitation has been confirmed (not in CISA KEV) and no CVSS score has been published at time of analysis, but the broad version range and ubiquitous deployment footprint of Tomcat make prompt patching a priority.
Replay attack vulnerability in Apache Tomcat's cluster EncryptionInterceptor allows a network-adjacent attacker to retransmit previously captured encrypted inter-node cluster messages, causing receiving nodes to accept and process them as legitimate - potentially corrupting distributed session state or triggering unintended cluster actions. All major supported branches are affected: 11.0.0-M1 through 11.0.22, 10.1.0-M1 through 10.1.55, 9.0.13 through 9.0.18, plus end-of-life branches 8.5.38-8.5.100 and 7.0.100-7.0.109. No public exploit or CISA KEV listing has been identified at time of analysis; however, the breadth of affected versions across all active and legacy branches elevates organizational exposure, particularly for environments running EOL 8.5.x or 7.x with no available patch.
Incomplete security-constraint logging in Apache Tomcat (8.5.0-8.5.100, 9.0.0.M1-9.0.118, 10.1.0-M1-10.1.55, 11.0.0-M1-11.0.22) omits special roles and empty authorization constraints when the effective web.xml is written to the log, giving administrators an inaccurate view of the deployed access-control configuration. There is no public exploit identified at time of analysis, EPSS is low (0.17%, 7th percentile), and CISA SSVC marks exploitation status as none, despite the inflated 9.1 CVSS published by Apache. The practical effect is misleading audit/diagnostic output rather than direct attacker compromise.
Improper handling of a Certificate Revocation List (CRL) error condition in Apache Tomcat's FFM-based (Foreign Function & Memory / OpenSSL) connector allows revoked client certificates to be accepted during mutual TLS authentication, defeating revocation checking. The flaw affects Tomcat 9.0.83-9.0.118, 10.1.0-M7-10.1.55, and 11.0.0-M1-11.0.22 when a CRL is configured on the FFM connector, letting an attacker holding a revoked-but-otherwise-valid client certificate reach protected resources. There is no public exploit identified at time of analysis and the issue is not on CISA KEV, though the CVSS base score is 9.1 (CWE-390).
Access-control bypass in Apache Tomcat's RewriteValve (versions 8.5.0-8.5.100, 9.0.0.M1-9.0.118, 10.1.0-M1-10.1.55, and 11.0.0-M1-11.0.22) arises because once the first condition in an OR (`[OR]`) chain matched, subsequent non-OR conditions were never evaluated. Where operators rely on chained rewrite conditions to gate or restrict requests, an attacker can satisfy only the first condition and have later guard conditions silently skipped, leading to information disclosure or unintended request routing. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV; Apache has released fixes in 11.0.23, 10.1.56, and 9.0.119.
Reflected XSS in Apache Tomcat's bundled 'number guess' example application exposes users of that demo page to script injection across all major Tomcat release lines from 7.0 through 11.0. The flaw resides in a sample JSP/servlet, not the core Tomcat runtime, meaning exploitation depends entirely on the example application being deployed and accessible - a configuration that violates standard production hardening guidance. No public exploit code or active exploitation has been identified at time of analysis; no CVSS vector was assigned by the reporter.
Path traversal in Apache IoTDB (1.0.0 before 1.3.6 and 2.0.0 before 2.0.7) allows remote attackers to read and write files outside the intended restricted directory by supplying crafted pathnames, leading to high confidentiality and integrity impact. The CVSS 3.1 base score is 9.1 (AV:N/AC:L/PR:N/UI:N) indicating network-reachable, unauthenticated exploitation against affected versions. No public exploit identified at time of analysis and the issue is not listed in CISA KEV; fixed versions 1.3.6 and 2.0.7 are available from the Apache vendor.
Path traversal in Apache IoTDB (versions 1.0.0–1.3.5 and 2.0.0–2.0.5) lets remote unauthenticated attackers reference files outside the intended directory using crafted '../' sequences in a pathname, yielding high-impact disclosure and modification of files (C:H/I:H). With a CVSS 3.1 score of 9.1 and PR:N/UI:N, the flaw is exploitable over the network against affected instances with no credentials or user interaction. No public exploit code has been identified at time of analysis, and the issue is not listed in CISA KEV.
Authentication bypass in Apache Kerby before 2.1.2 lets remote attackers defeat Kerberos pre-authentication by submitting a PA-DATA element with an unrecognized or unsupported type, causing the KDC to skip the pre-auth check rather than reject the request. The flaw affects all Apache Kerby deployments below 2.1.2 acting as a Kerberos KDC/AS, and is fixed in version 2.1.2. There is no public exploit identified at time of analysis, no CISA KEV listing, and EPSS data was not provided; CVSS is rated 7.3 (High) with partial confidentiality, integrity, and availability impact.
Denial of service in Apache Kerby allows remote attackers to crash a Kerby client or service by delivering a deeply nested ASN1 structure that exhausts JVM stack depth and triggers an unhandled StackOverflowException. All versions prior to 2.1.2 are affected. No public exploit code or CISA KEV listing has been identified at time of analysis, but the attack primitive (malformed Kerberos ASN1 message) requires no authentication and is trivially constructible, making this a realistic operational risk for any internet- or network-exposed Kerby deployment.
Cleartext data-channel exposure in the Apache Airflow FTP provider (apache-airflow-providers-ftp before 3.15.1) lets a network attacker positioned on the data path read file contents and credentials moved over FTPS. The FTPSHook.get_conn() method established an ftplib.FTP_TLS control connection but never issued PROT P, so payloads transferred via FTPSHook or FTPSFileTransmitOperator traveled in plaintext despite the TLS-protected control channel. There is no public exploit identified at time of analysis, EPSS is very low (0.10%, 1st percentile), and it is not on CISA KEV.
Unrestricted PHP file upload in K2 extension for Joomla (versions 1.0–2.26) enables any authenticated K2 Author to achieve remote code execution by uploading a PHP webshell via the frontend article-attachment upload endpoint and executing it through Apache mod_php. Because the upload handler performs no extension filtering, a `.php` file is written to `/media/k2/attachments/` and served by Apache's standard `\.php$` handler, executing arbitrary code as the web server process user. No public exploit has been identified at time of analysis and the vulnerability is not listed in CISA KEV, though the attack path is elementary once Author-level access is obtained.
Remote denial-of-service in Apache Kvrocks via an integer overflow in the RESTORE command's IntSet deserialization path. An attacker who can send commands to a Kvrocks instance can supply a crafted RDB-serialized IntSet payload to the RESTORE command, triggering an integer overflow that crashes the server process. This vulnerability was disclosed pre-NVD via the oss-security mailing list on 2026-06-25 alongside two other Kvrocks CVEs (CVE-2026-46751, CVE-2026-46752), suggesting a coordinated security audit of the project; no public exploit code or CISA KEV listing has been identified at time of analysis.
Privilege bypass in Apache Kvrocks exposes the internal APPLYBATCH command without proper permission enforcement, letting an authenticated low-privilege client write raw batches directly to the underlying RocksDB storage engine and bypass the server's command ACL model. The flaw (CWE-280, improper handling of permissions) carries a CVSS 4.0 base of 9.4 due to high integrity and availability impact and an irrecoverable-damage recovery rating. No public exploit identified at time of analysis, and it is not listed in CISA KEV; it was disclosed pre-NVD via the oss-security mailing list on 2026-06-25 alongside two sibling Kvrocks CVEs.
Replication Fullsync in Apache Kvrocks fails to validate filenames transmitted from a master node to a replica during full synchronization, enabling path traversal to arbitrary filesystem locations. Deployments using Kvrocks master-replica replication are affected; standalone instances with no replication configured are not exposed. An attacker who controls or can impersonate a master node can cause a replica to read or write files outside its intended data directory - no public exploit has been identified and this CVE is not listed in the CISA KEV catalog at time of analysis.
Memory corruption in Apache Kvrocks' embedded Lua scripting engine allows a client able to run EVAL/EVALSHA commands to trigger a stack buffer overflow in the bit.tohex() function, potentially crashing the server or corrupting process memory toward code execution. Kvrocks is a Redis-protocol-compatible distributed key-value store, and this flaw was disclosed via the oss-security mailing list on 2026-06-25 alongside three other Kvrocks issues. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.
Lua sandbox escape in Apache Kvrocks exposes the host environment to authenticated users who hold EVAL command privileges. The database fails to strip the `loadstring` function from its Lua scripting environment, which is a standard hardening step in Redis-protocol-compatible systems; retaining it allows a sandboxed Lua script to load and execute arbitrary Lua bytecode dynamically, effectively escaping the intended script isolation. No public exploit code or CISA KEV listing exists at time of analysis; however, sandbox escapes of this class are well-understood and exploitable by any user granted EVAL access.
Insufficient session expiration in Apache Shiro's RememberMe feature allows a stolen cookie to be replayed indefinitely, bypassing the configured cookie age restriction. All shiro-web deployments from version 1.2.4 through the entire 2.x line and the 3.0.0-alpha-1 pre-release are affected whenever RememberMe is enabled. An attacker who intercepts a victim's RememberMe cookie - through network interception, XSS, or similar means - can reuse it without time limit, effectively maintaining persistent unauthorized access to the victim's session even after the configured expiration has elapsed. No public exploit code or CISA KEV listing has been identified at time of analysis.
Authentication bypass in Apache Shiro affects deployments using the shiro-guice module in a web servlet context, where a specially crafted HTTP request can evade path-based access controls and reach protected resources without valid credentials. It mirrors the older shiro-spring flaw CVE-2020-1957 but targets the Guice integration instead, impacting all Shiro releases through 2.x and 3.0.0-alpha-1. No public exploit identified at time of analysis, though the CVSS 4.0 base score of 8.2 reflects high confidentiality impact and the close analogy to a previously exploited bug class.
Unauthenticated information disclosure in WWBN AVideo (versions prior to 29.0) deployed via the official docker-compose.yml exposes the application's .env file at /.env, leaking database credentials, the SYSTEM_ADMIN_PASSWORD, and internal Docker network topology. The default Apache document root mount lacks any rule blocking dotfile access, so a single curl request to /.env returns plaintext secrets. No public exploit identified at time of analysis, though reproduction is trivial against any default Docker deployment.
SQL injection in Apache Doris MCP Server versions 0.1.0 through 0.6.0 allows authenticated attackers (or anonymous attackers when authentication is disabled) to inject arbitrary SQL through a database-name parameter in a metadata query path, bypassing the caller's authorization context. Because the query executes without the requester's auth context, attackers can read metadata across databases they should not be able to see. No public exploit identified at time of analysis, and SSVC currently marks exploitation as 'none'.
Host header injection in Apache NiFi 0.0.1 through 2.9.0 enables network-accessible clients to supply arbitrary values via X-ProxyHost and X-Forwarded-Host HTTP headers, causing the application to construct attacker-controlled qualified URLs used in HTTP redirects and data references. Although NiFi introduced an allowlist-based Host header control (nifi.web.proxy.host) in version 1.6.0, that validation was never extended to the alternative proxy and forwarded headers, leaving a persistent gap across roughly a decade of releases. No public exploit code has been identified at time of analysis and CVE-2026-54665 is not listed in CISA KEV; practical risk centers on open-redirect abuse, link manipulation, and potential bypass of same-origin assumptions rather than direct code execution.
Authorization bypass in Apache NiFi 1.12.0 through 2.9.0 allows authenticated users with general write access to add Restricted-annotated extension components when replacing Process Groups, despite lacking the explicit Restricted-component privilege. The flaw stems from the framework failing to enforce Restricted-annotation checks during Process Group replacement, effectively letting privileged-component installation bypass its intended authorization boundary. No public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.
SQL injection via improperly escaped MySQL table names in Apache NiFi's CaptureChangeMySQL Processor (versions 1.2.0 through 2.9.0) allows an attacker with MySQL CREATE TABLE access in a monitored database to inject arbitrary SQL commands executed under NiFi's MySQL service credentials. A partial mitigation introduced in 1.8.0 added manual quoted boundaries that narrowed - but did not eliminate - the injection surface; the root flaw persisted for years until full remediation in 2.10.0. No public exploit identified at time of analysis and not listed in CISA KEV; the issue was discovered by Roberto Suggi Liverani of the NATO Cyber Security Centre (NCSC) and disclosed in April 2026.
Incorrect authorization enforcement in Apache NiFi 1.15.0 through 2.9.0 allows read-privileged users to submit configuration verification requests containing arbitrary proposed properties, bypassing the write-access requirement. The nifi-web-api REST endpoints for component configuration verification accepted proposed configuration overrides from any authenticated user with read access, enabling those users to invoke predefined verification methods - such as testing connectivity, credentials, or remote service endpoints - with attacker-supplied settings. No public exploit has been identified at time of analysis, and the fix is confirmed available in Apache NiFi 2.10.0.
Stored XSS in Apache Atlas's Create Entity page allows any authenticated user to inject persistent malicious JavaScript that executes in other users' browsers. All deployments running Apache Atlas 2.4.0 and earlier are affected. An attacker with a valid account can store a crafted payload that triggers against higher-privileged users - such as administrators - who later view the poisoned entity, enabling session hijacking or credential theft. No public exploit or CISA KEV listing has been identified at time of analysis.
Server-Side Request Forgery and arbitrary JavaScript injection in Craft CMS 4.x (before 4.18) and 5.x (before 5.10) allow remote unauthenticated attackers to poison the Host or X-Forwarded-Host header against the /actions/app/resource-js endpoint, forcing the backend Guzzle client to proxy attacker-controlled content as application/javascript. When the instance sits behind a caching layer, this chains into web cache poisoning, stored XSS in the Control Panel, and 1-click RCE via session-riding the plugin install action. No public exploit identified at time of analysis, though the GitHub Security Advisory (GHSA-c55v-343g-5xff) provides detailed exploitation mechanics.
Authentication bypass in Apache APISIX 3.0.0 through 3.16.0 allows a network-accessible attacker holding valid credentials from an alternate CAS (Central Authentication Service) source to authenticate against routes protected by the cas-auth plugin, circumventing intended access controls on protected backend APIs. The flaw, rooted in insufficient credential-origin validation within the cas-auth plugin (CWE-287), enables a credential confusion attack across identity sources - potentially granting unauthorized access to downstream systems the gateway is meant to protect. No public exploit code or CISA KEV listing exists at time of analysis; Apache has released version 3.17.0 as the confirmed fix.
The cas-auth plugin in Apache APISIX 3.0.0-3.16.0 enables identity substitution via CSRF under its default configuration. An attacker who lures a victim to an attacker-controlled webpage can cause the victim's browser to complete a CAS authentication handshake as the attacker's identity within the APISIX gateway. Subsequent API gateway actions performed by the victim are then recorded and authorized under the attacker's account, creating audit trail corruption and potential authorization abuse. No public exploit code exists and this CVE is not listed in CISA KEV at time of analysis.
HMAC authentication replay in Apache APISIX 3.11.0 through 3.16.0 permits remote attackers who have captured a valid hmac-auth signed token to reuse that token indefinitely, entirely bypassing expiry enforcement under certain plugin configurations. The CVSS 4.0 vector (6.3, AT:P) confirms exploitation depends on a specific hmac-auth configuration condition, limiting blanket exposure but posing significant risk to affected deployments where tokens can be intercepted. No public exploit code or CISA KEV listing has been identified at time of analysis; the fix is available in version 3.17.0 per the Apache security advisory.
Open redirect in Apache APISIX 3.0.0 through 3.16.0 enables unauthenticated remote attackers to manipulate specific HTTP client headers, causing victim users to be redirected to attacker-controlled sites with potential session token leakage. Exploitation requires active user interaction and specific attack conditions (CVSS 4.0 AT:P, UI:A), yielding a vendor-assigned score of 2.1 (Low) - limiting realistic exposure to targeted phishing scenarios rather than opportunistic mass exploitation. No public exploit code or CISA KEV listing exists at time of analysis; the Apache Software Foundation has released a vendor-confirmed fix in version 3.17.0.
Identity header spoofing in the Apache APISIX OPA (Open Policy Agent) plugin allows low-privileged network attackers to relay forged identity headers to upstream services, potentially assuming elevated privileges on those services. Versions 3.5.0 through 3.16.0 are affected, but only when the OPA plugin is deployed in a non-default configuration that fails to sanitize inbound identity headers before forwarding them. No public exploit or active exploitation has been identified; the CVSS 4.0 score of 2.3 reflects the constrained real-world impact driven by the specific configuration prerequisite and the limitation that only downstream upstream services are affected rather than APISIX itself.
Authentication bypass in Apache APISIX's jwe-decrypt plugin (versions 3.8.0 through 3.16.0) allows unauthenticated network attackers to circumvent JWE token integrity validation and reach services protected by the gateway. The root cause (CWE-354) is improper validation of the JWE authentication tag under the plugin's default configuration, meaning crafted or tampered tokens are accepted as legitimate. No public exploit code and no CISA KEV listing are identified at time of analysis; the vendor-released fix is Apache APISIX 3.17.0.
Open redirect in Apache APISIX's cas-auth plugin exposes users to phishing and credential theft when the plugin is used in its default configuration. Affected are all APISIX deployments running versions 3.0.0 through 3.16.0 with cas-auth enabled. An unauthenticated remote attacker can craft a malicious CAS authentication URL that redirects victims to an attacker-controlled site, enabling session hijacking or credential harvesting. No public exploit or KEV listing is recorded at time of analysis, and the CVSS 4.0 base score of 2.1 reflects the attacker's dependence on user interaction and the absence of direct system-level impact.
Identity header spoofing in Apache APISIX's openid-connect plugin (versions 2.3 through 3.16.0) enables low-privileged network attackers to bypass authentication controls and gain unauthorized access to protected upstream resources. The plugin, under its default configuration, fails to strip or validate incoming identity-bearing HTTP headers presented by clients before forwarding requests to backend services, allowing an attacker to inject arbitrary identity claims. No public exploit code or confirmed active exploitation (CISA KEV) has been identified at time of analysis, but the network-exploitable nature and high impact on subsequent systems (SC:H/SI:H in CVSS 4.0) elevate this beyond its moderate overall score.
Incorrect authorization in the Apache APISIX authz-casdoor plugin allows a network-authenticated attacker to cross-authenticate using credentials from a different identity source, effectively bypassing the intended authorization boundary. Affected versions span 2.14.1 through 3.16.0, covering a wide deployment surface for this popular open-source API gateway. The CVSS 4.0 vector signals no direct impact to APISIX itself but high confidentiality and integrity impact on subsequent systems - the upstream APIs and services the gateway is meant to protect. No public exploit code or CISA KEV listing has been identified at time of analysis.
The wolf-rbac plugin in Apache APISIX 1.2.0 through 3.16.0 trusts client-controlled identity and IP data under its default configuration, allowing a low-privileged network attacker to inject spoofed identity information into application logs and manipulate IP-based access control rule evaluation. Rooted in CWE-348 (Use of Less-Trusted Source), the plugin accepts identity claims from a less-trusted input channel rather than authoritative internal state. No public exploit has been identified and the vulnerability is absent from the CISA KEV catalog; the vendor has released a fix in version 3.17.0.
Authentication bypass in Apache APISIX versions 2.2 through 3.16.0 allows remote attackers to circumvent authentication enforced by the jwt-auth plugin under certain configurations, granting unauthorized access to APIs that should require a valid JWT. The flaw stems from spoofable identity assertions (CWE-290) in the plugin's verification logic, and at time of analysis there is no public exploit identified, but the wide affected version range and gateway role make it operationally significant.
Identity header spoofing in Apache APISIX versions 2.12.0 through 3.16.0 allows a low-privileged network attacker to manipulate header values forwarded by the forward-auth plugin to upstream backend services. The flaw, rooted in improper input validation (CWE-20) of the forward-auth plugin's header handling, enables an attacker to impersonate other identities as seen by backend services that rely on APISIX to assert trustworthy identity context. No active exploitation is confirmed in CISA KEV and no public proof-of-concept has been identified, but the CVSS 4.0 subsequent-system impact metrics (SC:H/SI:H/SA:H) signal that backend services face high-severity consequences if exploited.
Authentication bypass in StarTree mcp-pinot versions 3.0.1 and earlier exposes the Model Context Protocol HTTP server on 0.0.0.0:8080 by default with no authentication, allowing any network-adjacent attacker to invoke every MCP tool - including SQL execution, schema creation, and table-config mutation - against the backing Apache Pinot cluster using the server's own credentials. The maximum CVSS 10.0 score reflects a scope-changing confused-deputy condition. No public exploit identified at time of analysis, but the trivial reachability and presence of write/DDL tooling make exploitation straightforward once the port is found.
XML External Entity injection in the HAPI FHIR core library (Maven ca.uhn.hapi.fhir:org.hl7.fhir.utilities, versions <= 6.9.9) lets an attacker who controls or MITMs XML routed through XsltUtilities.saxonTransform(...) read local files and perform blind XXE/SSRF. The three saxonTransform overloads instantiate a bare net.sf.saxon.TransformerFactoryImpl that resolves external general and parameter entities, unlike the co-located transform() siblings that use the project's hardened XXE-protected factory. Publicly available exploit code exists (a full end-to-end PoC accompanies the GitHub advisory), though there is no public exploit identified as actively used in the wild.
LDAP injection in Apache Shiro's DefaultLdapRealm allows remote unauthenticated attackers to manipulate Distinguished Name construction during LDAP bind authentication, potentially bypassing authentication or impersonating other users. The flaw affects all versions through 2.2.0 and 3.0.0-alpha-1 when DefaultLdapRealm is in use, with no public exploit identified at time of analysis. The CVSS 4.0 score of 8.8 reflects high integrity impact against an authentication-critical component.
Incorrect Authorization in Apache DolphinScheduler's API module (versions prior to 3.4.2) allows any authenticated user holding basic system login privileges to delete task definitions belonging to projects outside their authorized scope. The flaw bypasses project-level access controls server-side, enabling cross-project destructive operations without requiring elevated roles. No public exploit has been identified at time of analysis, and no KEV listing exists; moderate severity reflects the authentication prerequisite and the impact being limited to data destruction rather than exfiltration or code execution.
Privilege escalation in Apache DolphinScheduler before 3.4.2 allows any authenticated general user to mint admin-level access tokens by calling the /access-tokens API endpoint directly, bypassing role-enforcement logic. This effectively grants full administrative control over the workflow scheduling platform to any low-privilege account holder. No public exploit has been identified at time of analysis, but the simplicity of the attack surface - a direct API call - makes this a high-priority remediation target for any multi-tenant or enterprise DolphinScheduler deployment.
Incorrect authorization in Apache DolphinScheduler before 3.4.2 allows authenticated users to read alert instances belonging to alert groups outside their assigned permissions. The API component (org.apache.dolphinscheduler:dolphinscheduler-api) fails to enforce permission boundaries between alert groups and their associated alert instances, constituting a broken access control flaw. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis, and the moderate severity rating reflects the authentication prerequisite and limited confidentiality impact.
Incorrect Authorization in Apache DolphinScheduler's API layer exposes workflow instance data across project boundaries to authenticated users who lack the required project permissions. All versions prior to 3.4.2 of the org.apache.dolphinscheduler:dolphinscheduler-api component are affected, with the vendor recommending immediate upgrade to 3.4.2. No public exploit has been identified and the vulnerability is not listed in CISA KEV; real-world risk is concentrated in multi-tenant deployments where project isolation is the primary access control boundary.
Incorrect Authorization in Apache DolphinScheduler's experimental `/v2` API interface permits authenticated users to invoke privileged operations without undergoing permission validation. All releases of the `dolphinscheduler-api` module prior to 3.4.2 are affected. An attacker with a valid account can bypass role-based access controls enforced on the stable API surface by routing requests through the unguarded `/v2` endpoint, potentially performing administrative workflow, datasource, or tenant operations beyond their granted privilege level. No public exploit code or CISA KEV listing has been identified at time of analysis.
Missing authorization check in the Apache DolphinScheduler DataSource API exposes arbitrary data source metadata to users who lack permission to view it, affecting all versions before 3.4.2. Authenticated users with low-privilege access can query the DataSource API and retrieve connection metadata - such as hostnames, ports, database names, and usernames - belonging to data sources they are not authorized to access. No public exploit or active exploitation has been identified at time of analysis, and the Apache Software Foundation has rated this moderate severity, consistent with a confidentiality-only impact against an internal platform.
Path traversal in Apache Airflow SFTP provider (apache-airflow-providers-sftp before 5.8.1) allows a malicious or compromised remote SFTP server to write files outside the configured local destination directory on the Airflow worker host. The root cause is that SFTPHook.retrieve_directory does not sanitize server-supplied directory-entry names before constructing local file paths, enabling traversal sequences to escape the intended destination. No exploit code has been publicly identified at time of analysis, but the attack requires no Airflow credentials - any deployment that downloads directories from an untrusted SFTP server is in scope.
Denial of service in Apache CXF versions 4.2.0 through 4.2.1 and all versions prior to 4.1.7 allows remote unauthenticated attackers to exhaust server resources by sending messages containing an unbounded number of attachment headers during deserialization. The flaw stems from missing input limits in the message deserialization path and can be triggered without authentication or user interaction. EPSS rates real-world exploitation probability as low (0.02%) and no public exploit identified at time of analysis, but SSVC flags the attack as automatable.
Signature metadata trust bypass in Apache CXF's JwsJsonContainerRequestFilter allows an attacker who can send JWS JSON-signed requests to inject unvalidated metadata - such as Content-Type or protected HTTP headers - by placing it in the first signature entry of a multi-signature JWS JSON token, even when that entry's signature was never verified. Affected deployments using the cxf-rt-rs-security-jose-jaxrs module may incorrectly trust attacker-controlled content type or header values, steering JAX-RS entity parsing or signed-header consistency checks in unintended ways. No public exploit code or CISA KEV listing has been identified at time of analysis; vendor-released patches 4.2.2 and 4.1.7 were published June 10, 2026.
Remote code execution in Apache CXF's JCA integration module allows attackers to achieve arbitrary code execution via JNDI injection when they can manipulate the JCA deployment descriptor (ra.xml) or runtime activation parameters. Affected versions span Apache CXF 4.2.0 to before 4.2.2, and all versions prior to 4.1.7. Despite a CVSS of 8.1, there is no public exploit identified at time of analysis and EPSS sits at 0.04%, suggesting limited near-term exploitation likelihood.
Remote code execution in Apache CXF versions 4.2.0 through 4.2.1 and all versions prior to 4.1.7 can occur when untrusted users are permitted to configure JMS transport, representing a third attempt to fully address the original advisory CVE-2026-44417. With no public exploit identified at time of analysis and an EPSS score of 0.04%, near-term mass exploitation appears unlikely, but the SSVC technical impact is rated total and the flaw is deemed automatable once weaponized.
Token confusion in Apache CXF's JwtAccessTokenValidator allows an attacker holding a valid JWT issued for one Resource Server to replay it against an unrelated Resource Server because the 'aud' (Audience) claim is not validated. Affects Apache CXF 4.2.0 through 4.2.1 and all versions prior to 4.1.7, enabling cross-service authentication bypass with full confidentiality, integrity, and availability impact on the unintended target. No public exploit identified at time of analysis and EPSS is very low (0.02%, 4th percentile), but the fix is straightforward and the issue is structurally severe for federated OAuth2/JWT deployments.
Authentication bypass in Apache CXF's OAuth2 TokenIntrospectionService allows unauthenticated network access to the token introspection endpoint due to a missing 'throw' keyword in the internal security context check, causing the guard to silently pass rather than reject unauthorized callers. Affected are deployments using cxf-rt-rs-security-oauth2 versions 4.2.0-4.2.1 and all 4.1.x releases before 4.1.7 that relied solely on CXF's built-in check without independent authentication at the container or gateway layer. No public exploit code or active exploitation has been identified; vendor-confirmed patches (4.2.2 and 4.1.7) were released June 10, 2026.
XML External Entity (XXE) processing in Apache CXF versions prior to 4.1.7 and 4.2.0-4.2.1 allows remote attackers to trigger out-of-band external entity resolution via the EndpointReferenceUtils and W3CMultiSchemaFactory classes, which instantiate SAXParserFactory without JAXP hardening. While CVSS scores this 9.8 critical, EPSS reports only 0.02% exploitation probability, and there is no public exploit identified at time of analysis. Successful exploitation could enable data exfiltration, SSRF, or denial-of-service against applications that process attacker-controlled XML through CXF web services.
Replay attack protections in Spring Web Services are silently ineffective across multiple major branches due to Wss4jSecurityInterceptor failing to wire configured Apache WSS4J ReplayCache instances into the RequestData object at validation time. Operators who believe UsernameToken nonce replay, Timestamp replay, and SAML one-time-use checks are enforced are unknowingly running without those controls. A network-positioned attacker can intercept and replay valid WS-Security tokens - including credentials and SAML assertions - to re-execute previously-authorized SOAP operations, with no public exploit identified at time of analysis and no CISA KEV listing.
Spring Web Services' Wss4jSecurityInterceptor silently defaults allowRSA15KeyTransportAlgorithm to true, overriding Apache WSS4J's own safer default and permitting inbound WS-Security decryption to accept the weak RSA PKCS#1 v1.5 (rsa-1_5) key transport algorithm. This misconfiguration-by-default affects all four supported release trains (3.1.x, 4.0.x, 4.1.x, 5.0.x) and opens deployed SOAP services to Bleichenbacher-style adaptive chosen-ciphertext attacks against server-side RSA key material unless operators explicitly override the flag. No public exploit has been identified at time of analysis, and the CVSS-assigned high attack complexity (AC:H) reflects the significant number of oracle queries required to mount a practical attack.
Server-side template injection in Apache OFBiz before 24.09.07 allows authenticated users holding Content or DataResource editing privileges to inject template code that is rendered by the framework, resulting in remote code execution on the application server. The flaw is rated CVSS 8.8 with publicly available exploit code exists via the oss-security disclosure thread, though EPSS sits at 0.09% (26th percentile), indicating broad opportunistic exploitation has not yet been observed. Apache has shipped a fix in 24.09.07 and recommends immediate upgrade.
Privilege escalation in Apache OFBiz versions prior to 24.09.07 allows a low-privileged authenticated user to elevate their permissions to a higher-privileged role, leading to full compromise of confidentiality, integrity, and availability of the ERP system. The flaw is rooted in improper authorization (CWE-285) and is exploitable remotely over the network with low complexity once valid low-tier credentials are held. No public exploit identified at time of analysis, and EPSS scoring (0.02%) plus CISA SSVC (Exploitation: none) suggest no observed exploitation activity yet.
Path traversal in Roxy-WI versions 8.2.6.4 and prior allows authenticated remote attackers to read arbitrary configuration files via the config_file_name and configver parameters. The vendor's attempted fix in commit d4d10006 is ineffective due to a logic error - it uses Python tuple-membership instead of substring containment - leaving all realistic '../' payloads unblocked, with no public exploit identified at time of analysis.
Authentication bypass in Roxy-WI versions 8.2.6.4 and prior allows remote unauthenticated attackers to reach protected API functionality by including the 'api' substring in the URL, with the /api/gpt endpoint specifically exposed without authentication. The flaw carries a CVSS 8.3 with scope change and affects a web management interface for HAProxy, Nginx, Apache, and Keepalived, and no public exploit has been identified at time of analysis. No vendor-released patch exists at time of publication, making this a high-priority issue for any internet-exposed installation.
Open redirect in Roxy-WI versions 8.2.6.4 and prior allows unauthenticated remote attackers to silently redirect authenticated users to attacker-controlled domains by exploiting a bypass in the login flow's URL filter. The filter blocks `next` parameter values containing `http://` or `https://` substrings but does not account for RFC-3986 userinfo@host syntax; submitting `next=@evil.example/path` causes the server to construct `https://victim.example@evil.example/path`, which modern browsers route to `evil.example`. No public exploit code has been identified at time of analysis, no patch is available, and this vulnerability is not listed in CISA KEV.
Path traversal bypass in Roxy-WI versions 8.2.6.4 and earlier allows authenticated remote attackers to escape input sanitization in the EscapedString Pydantic validator and inject shell metacharacters alongside '..' sequences. The flaw stems from a flawed if/elif/elif/else control flow that strips metacharacters without re-enforcing the '..' block, and the result is never shlex-quoted before reaching downstream command contexts. No public exploit identified at time of analysis, and no vendor-released patch identified at time of analysis.
Privilege persistence in Apache Answer through version 2.0.0 allows suspended, deleted, or deactivated administrator accounts to retain access to administrative APIs because previously issued tokens are not invalidated upon account state change. The flaw requires high-privilege access to obtain a token initially and carries a CVSS 7.2 with full confidentiality, integrity, and availability impact; no public exploit identified at time of analysis and SSVC marks exploitation as none.
Authenticated command injection in Roxy-WI versions 8.2.6.4 and prior allows low-privileged users (role <= 3, 'user') to execute arbitrary OS commands by abusing the configver URL-path parameter on POST /config/versions/<service>/<server_ip>/<configver>/save, which flows unsanitized into an os.system() call wrapping dos2unix. No public exploit identified at time of analysis, but the GHSA advisory is published and no vendor patch exists, leaving exposed instances at immediate risk of full compromise of the management interface host.
Roxy-WI 8.2.6.4 and prior exposes a broken object-level authorization flaw in its audit history endpoint, allowing any authenticated user to read any other user's full action audit trail. The GET /history/user/<server_ip> endpoint conflates the server_ip path parameter with a user identifier and performs no authorization check, meaning a guest account in an unrelated group can enumerate administrators' operational history including server IPs touched, configs deployed, and services restarted. No patch is available at time of publication; no public exploit code or active exploitation has been identified.
{version,uptime,status,checks}/<server_ip>` route family passes the Flask URL path parameter directly into a Python `requests.get()` call without any allowlist or blocklist validation, making IPv4 literals such as 169.254.169.254, RFC1918 ranges, and 127.0.0.1 all valid targets. No publicly available patches exist at time of analysis, and no public exploit code or CISA KEV listing has been identified.
Stored cross-site scripting in Roxy-WI 8.2.6.4 and prior allows any unauthenticated remote attacker who can send HTTP requests to a managed HAProxy or Nginx load balancer to inject malicious payloads into server access logs, which then execute in the browser of any Roxy-WI administrator who opens the log viewer. The vulnerability stems from unsanitized HTML concatenation in the Python backend combined with unsafe jQuery .html()/.append() rendering on the frontend - a classic stored XSS with a changed scope (S:C) because the attacker's input, written via the load balancer, achieves code execution in the privileged admin web UI context. No publicly available patches exist at time of analysis; no public exploit code or CISA KEV listing has been identified.
LDAP injection in Roxy-WI 8.2.6.4 and prior exposes LDAP directory attributes to authenticated administrators who can manipulate search filter logic via the username URL path parameter. The vulnerable function get_ldap_email (app/modules/roxywi/user.py:120-157) constructs LDAP queries through unsanitized f-string concatenation, enabling injection of additional filter clauses such as *)(mail=*)(cn=* to enumerate or harvest attributes beyond the intended user record. No patch is available at time of publication, and no public exploit identified at time of analysis.
Remote code execution in Roxy-WI versions 8.2.6.4 and prior allows authenticated low-privilege users (role ≤ 3) to inject arbitrary HAProxy directives via unvalidated JSON option fields in the HAProxy section-save API endpoints, achieving command execution as the haproxy user on every managed load balancer. No public exploit has been identified at time of analysis, but the attack is straightforward given the documented injection path through the section.j2, global.j2, and defaults.j2 Ansible templates, and no vendor-released patch is available.
Remote code execution in Roxy-WI versions 8.2.6.4 and prior allows authenticated users to write attacker-controlled content to arbitrary absolute paths on managed load balancers via the WAF rule save endpoint. By dropping a malicious cron file (e.g., /etc/cron.d/nginx_cfg_evil), an attacker achieves root-level code execution on every load balancer in the caller's group. No public exploit identified at time of analysis, and no vendor-released patch is currently available, making this a high-priority issue for any exposed deployment.
Cross-tenant data tampering in Roxy-WI versions 8.2.6.4 and prior allows any authenticated user to silently overwrite HTTP, TCP, Ping, and DNS monitoring checks belonging to other tenants by sending a crafted PUT /smon/check request with another tenant's smon_id. The flaw stems from missing user_group authorization on the UPDATE SQL path (CWE-639, IDOR), while the DELETE path is correctly filtered - confirming the maintainers knew the right pattern but failed to apply it on update. No public exploit identified at time of analysis, and no vendor-released patch is available, raising operational risk for multi-tenant deployments.
Privilege escalation in Roxy-WI versions 8.2.6.4 and prior allows any authenticated user - including the lowest-privilege 'guest' role 4 - to start, stop, or restart the roxy-wi-smon-agent systemd unit on arbitrary managed servers, with the action executing as root via Roxy-WI's passwordless sudo SSH credentials. The flaw stems from missing role and group-ownership checks on the agent_action endpoint, and no public exploit has been identified at time of analysis though the vulnerability is trivially reachable once an account exists.
Privilege escalation and cross-tenant compromise in Roxy-WI versions 8.2.6.4 and prior allows any authenticated user - including the default guest role 4 - to install or reconfigure exporters, WAF, and GeoIP databases on every managed server regardless of tenant ownership. Because the affected installer endpoints lack role and group decorators, low-privilege users can pivot through stored SSH credentials with sudo to achieve root-level command execution on HAProxy/Nginx/Apache hosts belonging to other tenants. No public exploit identified at time of analysis, but the issue is unpatched and rated CVSS 9.9.
Insecure deserialization in Spring for Apache Pulsar's JsonPulsarHeaderMapper allows remote attackers to bypass trusted-package controls and potentially trigger arbitrary Java object instantiation through Pulsar message headers. The flaw stems from a prefix-based package match plus an unsafe empty-allow-list default, affecting versions 1.1.0-1.1.17, 1.2.0-1.2.17, and 2.0.0-2.0.5. No public exploit identified at time of analysis, but the CVSS 8.1 rating and CWE-502 classification place this firmly in the high-impact Java deserialization category that has historically yielded remote code execution.
Unsafe deserialization in Spring for Apache Kafka (versions 2.8.0-4.0.5 across multiple branches) allows a malicious Kafka producer to send crafted message headers that cause downstream consumers to instantiate arbitrary JDK types via Jackson. The flaw stems from a prefix-based trusted-packages check in JsonKafkaHeaderMapper and the deprecated DefaultKafkaHeaderMapper, which silently extends trust to every subpackage. No public exploit identified at time of analysis, but the bug class (CWE-502 with Jackson default typing) has a long history of leading to remote code execution in Spring/Java ecosystems.
Improper input validation in Spring for Apache Kafka's non-blocking retry topic infrastructure allows an authenticated network producer to disrupt message processing availability across multiple major version lines. By injecting a crafted `retry_topic-attempts` header with an out-of-range integer value, an attacker causes the retry topic router to misidentify the message's position in the retry sequence, producing high availability impact (A:H per CVSS). Affected deployments span Spring for Apache Kafka 2.8.x through 4.0.x. No active exploitation has been confirmed (not in CISA KEV) and no public exploit code has been identified at time of analysis.
Unbounded heap growth in Spring for Apache Kafka's DelegatingDeserializer allows an authenticated network producer to trigger a Denial of Service against any consumer application that opts into this deserializer. By flooding the consumer with Kafka records carrying unique, randomized spring.kafka.serialization.selector header values, an attacker forces unbounded cache growth on the consumer's JVM heap, ultimately inducing GC thrash and OutOfMemoryError. No public exploit identified at time of analysis, and this is not listed in the CISA KEV catalog, but the low-complexity, network-accessible attack surface warrants prompt remediation for affected deployments.
Path traversal in Apache Airflow's Samba provider exposes Samba target file systems to arbitrary write operations when GCSToSambaOperator processes GCS object names containing directory traversal sequences. Disclosed on 2026-06-09 via the oss-security mailing list by Apache committer Jarek Potiuk as a pre-NVD disclosure, the vulnerability enables any party who can influence GCS object names in the source bucket to write files outside the intended destination directory on the Samba share. No public exploit code has been identified at time of analysis, and CVSS scoring is not yet available.
Unsanitized rendering of AI-generated response content in Apache Answer through 2.0.0 enables cross-site scripting (XSS) execution in the browsers of any user viewing affected AI-generated answers. The vulnerability (CWE-87, Improper Neutralization of Alternate XSS Syntax) arises because the AI answer rendering pipeline passes output directly to the browser DOM without stripping or encoding malicious script constructs. No public exploit code has been identified at time of analysis, and CISA KEV listing has not been confirmed, but the critical severity designation and vendor-confirmed patch at 2.0.1 indicate this is a high-priority remediation target for all deployments using the AI answer feature.
Apache Answer's Timeline API endpoints through version 2.0.0 fail to enforce authorization, exposing deleted, private, and unapproved content - along with full revision histories - to any authenticated regular user. The vulnerability is an information disclosure flaw affecting all Apache Answer deployments (community forums, help centers, knowledge platforms) running 2.0.0 or earlier. No public exploit has been identified and no KEV listing exists; however, in community deployments where user accounts are freely self-registered, the authentication prerequisite provides limited real-world protection.
Privilege escalation via improper authorization in Apache ActiveMQ before 5.19.8 and 6.0.0 before 6.2.7 lets an authenticated low-privilege Web Console user reach the administrative /admin/* paths that should be restricted to administrators. The flaw stems from default Jetty configuration that failed to scope those paths to admin roles, granting low-priv users administrative Web Console functionality. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Denial of service in Apache ActiveMQ (Client, broker, and All distributions) before 5.19.8 and 6.x before 6.2.7 lets a remote unauthenticated attacker crash the broker by sending a crafted WireFormatInfo frame containing an oversized size value during the pre-authentication protocol negotiation. Because the size is consumed before any authentication occurs, the broker attempts a massive memory allocation, triggering an out-of-memory condition and process crash. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV; the fix is shipped in 6.2.7 and 5.19.8.
Remote denial of service in Apache ActiveMQ (versions 5.19.7 and 6.2.6) allows an unauthenticated attacker to exhaust broker heap memory and crash the service with an OutOfMemory error. The flaw is a regression introduced by the fix for CVE-2026-49270: an attacker repeatedly sends OpenWire BrokerInfo commands while never sending the expected ConnectionInfo, causing unbounded state accumulation until the broker dies. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the unauthenticated network reachability makes it a credible availability threat to exposed brokers.
Unauthorized message consumption in Apache ActiveMQ Classic lets a connected client read from temporary destinations belonging to a different connection, breaking the per-connection isolation that applications rely on. The root cause is that the isolation check is enforced only client-side, so a malicious or rogue client can subscribe to and drain another connection's temporary queue/topic. It affects ActiveMQ (Broker/All/Classic) before 5.19.8 and 6.0.0 before 6.2.7; there is no public exploit identified at time of analysis, and it is not in CISA KEV.
Denial of service in Apache ActiveMQ (versions before 5.19.8, and 6.0.0 before 6.2.7) lets an authenticated user crash the broker by sending a crafted OpenWire message whose property map declares an excessively large encoded size. Because the map is unmarshaled without validating the declared size against actual payload bounds, the broker pre-allocates massive memory and hits an OutOfMemory condition. No public exploit identified at time of analysis and the issue is not in CISA KEV, but the low attack complexity and availability of a vendor patch make it a practical operational concern for exposed brokers.
Unbounded heap consumption in Apache ActiveMQ's STOMP NIO codec allows an unauthenticated remote client to crash the broker by streaming non-terminating header bytes that the JVM buffers without limit until memory is exhausted. All three affected Maven artifacts (apache-activemq, activemq-all, activemq-stomp) are impacted in versions before 5.19.8 and in the 6.0.0-6.2.6 range. No public exploit code or active exploitation has been identified at time of analysis, but the unauthenticated, low-complexity network attack surface against a widely-deployed enterprise broker makes this a credible denial-of-service risk for any deployment with an exposed STOMP port.
Stored cross-site scripting in Apache ActiveMQ Web Console allows an authenticated message producer to inject malicious JavaScript via a crafted JMS message ID, which executes in the browser of any administrator who browses the affected queue. The browse page renders message IDs without HTML sanitization, enabling privilege escalation from producer to administrator via session hijacking or credential theft. No public exploit identified at time of analysis and not listed in CISA KEV; rated moderate severity by Apache, consistent with the authentication prerequisite and required user interaction.
Authentication bypass in Apache Tomcat (7.0.0-7.0.109, 8.5.0-8.5.100, 9.0.0.M1-9.0.100, 10.1.0-M1-10.1.36, 11.0.0-M1-11.0.4) lets remote attackers authenticate without supplying the correct password when the JNDIRealm is configured to validate credentials via GSSAPI bind. The flaw (CWE-304, Missing Critical Step in Authentication) means the realm accepts a bind as successful even when the password verification step is effectively skipped. There is no public exploit identified at time of analysis, EPSS risk is low (0.21%, 12th percentile), and it is not listed in CISA KEV.
Improper Authorization (CWE-285) in Apache Tomcat's default servlet allows HTTP method-based and method-omission security constraints to be silently bypassed across all major supported Tomcat branches from 7.0.x through 11.0.x. An attacker can perform HTTP operations - such as PUT or DELETE - that the web.xml security constraint configuration was intended to restrict, potentially enabling unauthorized file upload, modification, or deletion on the default servlet's served content. No active exploitation has been confirmed (not in CISA KEV) and no CVSS score has been published at time of analysis, but the broad version range and ubiquitous deployment footprint of Tomcat make prompt patching a priority.
Replay attack vulnerability in Apache Tomcat's cluster EncryptionInterceptor allows a network-adjacent attacker to retransmit previously captured encrypted inter-node cluster messages, causing receiving nodes to accept and process them as legitimate - potentially corrupting distributed session state or triggering unintended cluster actions. All major supported branches are affected: 11.0.0-M1 through 11.0.22, 10.1.0-M1 through 10.1.55, 9.0.13 through 9.0.18, plus end-of-life branches 8.5.38-8.5.100 and 7.0.100-7.0.109. No public exploit or CISA KEV listing has been identified at time of analysis; however, the breadth of affected versions across all active and legacy branches elevates organizational exposure, particularly for environments running EOL 8.5.x or 7.x with no available patch.
Incomplete security-constraint logging in Apache Tomcat (8.5.0-8.5.100, 9.0.0.M1-9.0.118, 10.1.0-M1-10.1.55, 11.0.0-M1-11.0.22) omits special roles and empty authorization constraints when the effective web.xml is written to the log, giving administrators an inaccurate view of the deployed access-control configuration. There is no public exploit identified at time of analysis, EPSS is low (0.17%, 7th percentile), and CISA SSVC marks exploitation status as none, despite the inflated 9.1 CVSS published by Apache. The practical effect is misleading audit/diagnostic output rather than direct attacker compromise.
Improper handling of a Certificate Revocation List (CRL) error condition in Apache Tomcat's FFM-based (Foreign Function & Memory / OpenSSL) connector allows revoked client certificates to be accepted during mutual TLS authentication, defeating revocation checking. The flaw affects Tomcat 9.0.83-9.0.118, 10.1.0-M7-10.1.55, and 11.0.0-M1-11.0.22 when a CRL is configured on the FFM connector, letting an attacker holding a revoked-but-otherwise-valid client certificate reach protected resources. There is no public exploit identified at time of analysis and the issue is not on CISA KEV, though the CVSS base score is 9.1 (CWE-390).
Access-control bypass in Apache Tomcat's RewriteValve (versions 8.5.0-8.5.100, 9.0.0.M1-9.0.118, 10.1.0-M1-10.1.55, and 11.0.0-M1-11.0.22) arises because once the first condition in an OR (`[OR]`) chain matched, subsequent non-OR conditions were never evaluated. Where operators rely on chained rewrite conditions to gate or restrict requests, an attacker can satisfy only the first condition and have later guard conditions silently skipped, leading to information disclosure or unintended request routing. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV; Apache has released fixes in 11.0.23, 10.1.56, and 9.0.119.
Reflected XSS in Apache Tomcat's bundled 'number guess' example application exposes users of that demo page to script injection across all major Tomcat release lines from 7.0 through 11.0. The flaw resides in a sample JSP/servlet, not the core Tomcat runtime, meaning exploitation depends entirely on the example application being deployed and accessible - a configuration that violates standard production hardening guidance. No public exploit code or active exploitation has been identified at time of analysis; no CVSS vector was assigned by the reporter.
Path traversal in Apache IoTDB (1.0.0 before 1.3.6 and 2.0.0 before 2.0.7) allows remote attackers to read and write files outside the intended restricted directory by supplying crafted pathnames, leading to high confidentiality and integrity impact. The CVSS 3.1 base score is 9.1 (AV:N/AC:L/PR:N/UI:N) indicating network-reachable, unauthenticated exploitation against affected versions. No public exploit identified at time of analysis and the issue is not listed in CISA KEV; fixed versions 1.3.6 and 2.0.7 are available from the Apache vendor.
Path traversal in Apache IoTDB (versions 1.0.0–1.3.5 and 2.0.0–2.0.5) lets remote unauthenticated attackers reference files outside the intended directory using crafted '../' sequences in a pathname, yielding high-impact disclosure and modification of files (C:H/I:H). With a CVSS 3.1 score of 9.1 and PR:N/UI:N, the flaw is exploitable over the network against affected instances with no credentials or user interaction. No public exploit code has been identified at time of analysis, and the issue is not listed in CISA KEV.
Authentication bypass in Apache Kerby before 2.1.2 lets remote attackers defeat Kerberos pre-authentication by submitting a PA-DATA element with an unrecognized or unsupported type, causing the KDC to skip the pre-auth check rather than reject the request. The flaw affects all Apache Kerby deployments below 2.1.2 acting as a Kerberos KDC/AS, and is fixed in version 2.1.2. There is no public exploit identified at time of analysis, no CISA KEV listing, and EPSS data was not provided; CVSS is rated 7.3 (High) with partial confidentiality, integrity, and availability impact.
Denial of service in Apache Kerby allows remote attackers to crash a Kerby client or service by delivering a deeply nested ASN1 structure that exhausts JVM stack depth and triggers an unhandled StackOverflowException. All versions prior to 2.1.2 are affected. No public exploit code or CISA KEV listing has been identified at time of analysis, but the attack primitive (malformed Kerberos ASN1 message) requires no authentication and is trivially constructible, making this a realistic operational risk for any internet- or network-exposed Kerby deployment.
Cleartext data-channel exposure in the Apache Airflow FTP provider (apache-airflow-providers-ftp before 3.15.1) lets a network attacker positioned on the data path read file contents and credentials moved over FTPS. The FTPSHook.get_conn() method established an ftplib.FTP_TLS control connection but never issued PROT P, so payloads transferred via FTPSHook or FTPSFileTransmitOperator traveled in plaintext despite the TLS-protected control channel. There is no public exploit identified at time of analysis, EPSS is very low (0.10%, 1st percentile), and it is not on CISA KEV.
Unrestricted PHP file upload in K2 extension for Joomla (versions 1.0–2.26) enables any authenticated K2 Author to achieve remote code execution by uploading a PHP webshell via the frontend article-attachment upload endpoint and executing it through Apache mod_php. Because the upload handler performs no extension filtering, a `.php` file is written to `/media/k2/attachments/` and served by Apache's standard `\.php$` handler, executing arbitrary code as the web server process user. No public exploit has been identified at time of analysis and the vulnerability is not listed in CISA KEV, though the attack path is elementary once Author-level access is obtained.
Remote denial-of-service in Apache Kvrocks via an integer overflow in the RESTORE command's IntSet deserialization path. An attacker who can send commands to a Kvrocks instance can supply a crafted RDB-serialized IntSet payload to the RESTORE command, triggering an integer overflow that crashes the server process. This vulnerability was disclosed pre-NVD via the oss-security mailing list on 2026-06-25 alongside two other Kvrocks CVEs (CVE-2026-46751, CVE-2026-46752), suggesting a coordinated security audit of the project; no public exploit code or CISA KEV listing has been identified at time of analysis.
Privilege bypass in Apache Kvrocks exposes the internal APPLYBATCH command without proper permission enforcement, letting an authenticated low-privilege client write raw batches directly to the underlying RocksDB storage engine and bypass the server's command ACL model. The flaw (CWE-280, improper handling of permissions) carries a CVSS 4.0 base of 9.4 due to high integrity and availability impact and an irrecoverable-damage recovery rating. No public exploit identified at time of analysis, and it is not listed in CISA KEV; it was disclosed pre-NVD via the oss-security mailing list on 2026-06-25 alongside two sibling Kvrocks CVEs.
Replication Fullsync in Apache Kvrocks fails to validate filenames transmitted from a master node to a replica during full synchronization, enabling path traversal to arbitrary filesystem locations. Deployments using Kvrocks master-replica replication are affected; standalone instances with no replication configured are not exposed. An attacker who controls or can impersonate a master node can cause a replica to read or write files outside its intended data directory - no public exploit has been identified and this CVE is not listed in the CISA KEV catalog at time of analysis.
Memory corruption in Apache Kvrocks' embedded Lua scripting engine allows a client able to run EVAL/EVALSHA commands to trigger a stack buffer overflow in the bit.tohex() function, potentially crashing the server or corrupting process memory toward code execution. Kvrocks is a Redis-protocol-compatible distributed key-value store, and this flaw was disclosed via the oss-security mailing list on 2026-06-25 alongside three other Kvrocks issues. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.
Lua sandbox escape in Apache Kvrocks exposes the host environment to authenticated users who hold EVAL command privileges. The database fails to strip the `loadstring` function from its Lua scripting environment, which is a standard hardening step in Redis-protocol-compatible systems; retaining it allows a sandboxed Lua script to load and execute arbitrary Lua bytecode dynamically, effectively escaping the intended script isolation. No public exploit code or CISA KEV listing exists at time of analysis; however, sandbox escapes of this class are well-understood and exploitable by any user granted EVAL access.
Insufficient session expiration in Apache Shiro's RememberMe feature allows a stolen cookie to be replayed indefinitely, bypassing the configured cookie age restriction. All shiro-web deployments from version 1.2.4 through the entire 2.x line and the 3.0.0-alpha-1 pre-release are affected whenever RememberMe is enabled. An attacker who intercepts a victim's RememberMe cookie - through network interception, XSS, or similar means - can reuse it without time limit, effectively maintaining persistent unauthorized access to the victim's session even after the configured expiration has elapsed. No public exploit code or CISA KEV listing has been identified at time of analysis.
Authentication bypass in Apache Shiro affects deployments using the shiro-guice module in a web servlet context, where a specially crafted HTTP request can evade path-based access controls and reach protected resources without valid credentials. It mirrors the older shiro-spring flaw CVE-2020-1957 but targets the Guice integration instead, impacting all Shiro releases through 2.x and 3.0.0-alpha-1. No public exploit identified at time of analysis, though the CVSS 4.0 base score of 8.2 reflects high confidentiality impact and the close analogy to a previously exploited bug class.
Unauthenticated information disclosure in WWBN AVideo (versions prior to 29.0) deployed via the official docker-compose.yml exposes the application's .env file at /.env, leaking database credentials, the SYSTEM_ADMIN_PASSWORD, and internal Docker network topology. The default Apache document root mount lacks any rule blocking dotfile access, so a single curl request to /.env returns plaintext secrets. No public exploit identified at time of analysis, though reproduction is trivial against any default Docker deployment.
SQL injection in Apache Doris MCP Server versions 0.1.0 through 0.6.0 allows authenticated attackers (or anonymous attackers when authentication is disabled) to inject arbitrary SQL through a database-name parameter in a metadata query path, bypassing the caller's authorization context. Because the query executes without the requester's auth context, attackers can read metadata across databases they should not be able to see. No public exploit identified at time of analysis, and SSVC currently marks exploitation as 'none'.
Host header injection in Apache NiFi 0.0.1 through 2.9.0 enables network-accessible clients to supply arbitrary values via X-ProxyHost and X-Forwarded-Host HTTP headers, causing the application to construct attacker-controlled qualified URLs used in HTTP redirects and data references. Although NiFi introduced an allowlist-based Host header control (nifi.web.proxy.host) in version 1.6.0, that validation was never extended to the alternative proxy and forwarded headers, leaving a persistent gap across roughly a decade of releases. No public exploit code has been identified at time of analysis and CVE-2026-54665 is not listed in CISA KEV; practical risk centers on open-redirect abuse, link manipulation, and potential bypass of same-origin assumptions rather than direct code execution.
Authorization bypass in Apache NiFi 1.12.0 through 2.9.0 allows authenticated users with general write access to add Restricted-annotated extension components when replacing Process Groups, despite lacking the explicit Restricted-component privilege. The flaw stems from the framework failing to enforce Restricted-annotation checks during Process Group replacement, effectively letting privileged-component installation bypass its intended authorization boundary. No public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.
SQL injection via improperly escaped MySQL table names in Apache NiFi's CaptureChangeMySQL Processor (versions 1.2.0 through 2.9.0) allows an attacker with MySQL CREATE TABLE access in a monitored database to inject arbitrary SQL commands executed under NiFi's MySQL service credentials. A partial mitigation introduced in 1.8.0 added manual quoted boundaries that narrowed - but did not eliminate - the injection surface; the root flaw persisted for years until full remediation in 2.10.0. No public exploit identified at time of analysis and not listed in CISA KEV; the issue was discovered by Roberto Suggi Liverani of the NATO Cyber Security Centre (NCSC) and disclosed in April 2026.
Incorrect authorization enforcement in Apache NiFi 1.15.0 through 2.9.0 allows read-privileged users to submit configuration verification requests containing arbitrary proposed properties, bypassing the write-access requirement. The nifi-web-api REST endpoints for component configuration verification accepted proposed configuration overrides from any authenticated user with read access, enabling those users to invoke predefined verification methods - such as testing connectivity, credentials, or remote service endpoints - with attacker-supplied settings. No public exploit has been identified at time of analysis, and the fix is confirmed available in Apache NiFi 2.10.0.
Stored XSS in Apache Atlas's Create Entity page allows any authenticated user to inject persistent malicious JavaScript that executes in other users' browsers. All deployments running Apache Atlas 2.4.0 and earlier are affected. An attacker with a valid account can store a crafted payload that triggers against higher-privileged users - such as administrators - who later view the poisoned entity, enabling session hijacking or credential theft. No public exploit or CISA KEV listing has been identified at time of analysis.
Server-Side Request Forgery and arbitrary JavaScript injection in Craft CMS 4.x (before 4.18) and 5.x (before 5.10) allow remote unauthenticated attackers to poison the Host or X-Forwarded-Host header against the /actions/app/resource-js endpoint, forcing the backend Guzzle client to proxy attacker-controlled content as application/javascript. When the instance sits behind a caching layer, this chains into web cache poisoning, stored XSS in the Control Panel, and 1-click RCE via session-riding the plugin install action. No public exploit identified at time of analysis, though the GitHub Security Advisory (GHSA-c55v-343g-5xff) provides detailed exploitation mechanics.
Authentication bypass in Apache APISIX 3.0.0 through 3.16.0 allows a network-accessible attacker holding valid credentials from an alternate CAS (Central Authentication Service) source to authenticate against routes protected by the cas-auth plugin, circumventing intended access controls on protected backend APIs. The flaw, rooted in insufficient credential-origin validation within the cas-auth plugin (CWE-287), enables a credential confusion attack across identity sources - potentially granting unauthorized access to downstream systems the gateway is meant to protect. No public exploit code or CISA KEV listing exists at time of analysis; Apache has released version 3.17.0 as the confirmed fix.
The cas-auth plugin in Apache APISIX 3.0.0-3.16.0 enables identity substitution via CSRF under its default configuration. An attacker who lures a victim to an attacker-controlled webpage can cause the victim's browser to complete a CAS authentication handshake as the attacker's identity within the APISIX gateway. Subsequent API gateway actions performed by the victim are then recorded and authorized under the attacker's account, creating audit trail corruption and potential authorization abuse. No public exploit code exists and this CVE is not listed in CISA KEV at time of analysis.
HMAC authentication replay in Apache APISIX 3.11.0 through 3.16.0 permits remote attackers who have captured a valid hmac-auth signed token to reuse that token indefinitely, entirely bypassing expiry enforcement under certain plugin configurations. The CVSS 4.0 vector (6.3, AT:P) confirms exploitation depends on a specific hmac-auth configuration condition, limiting blanket exposure but posing significant risk to affected deployments where tokens can be intercepted. No public exploit code or CISA KEV listing has been identified at time of analysis; the fix is available in version 3.17.0 per the Apache security advisory.
Open redirect in Apache APISIX 3.0.0 through 3.16.0 enables unauthenticated remote attackers to manipulate specific HTTP client headers, causing victim users to be redirected to attacker-controlled sites with potential session token leakage. Exploitation requires active user interaction and specific attack conditions (CVSS 4.0 AT:P, UI:A), yielding a vendor-assigned score of 2.1 (Low) - limiting realistic exposure to targeted phishing scenarios rather than opportunistic mass exploitation. No public exploit code or CISA KEV listing exists at time of analysis; the Apache Software Foundation has released a vendor-confirmed fix in version 3.17.0.
Identity header spoofing in the Apache APISIX OPA (Open Policy Agent) plugin allows low-privileged network attackers to relay forged identity headers to upstream services, potentially assuming elevated privileges on those services. Versions 3.5.0 through 3.16.0 are affected, but only when the OPA plugin is deployed in a non-default configuration that fails to sanitize inbound identity headers before forwarding them. No public exploit or active exploitation has been identified; the CVSS 4.0 score of 2.3 reflects the constrained real-world impact driven by the specific configuration prerequisite and the limitation that only downstream upstream services are affected rather than APISIX itself.
Authentication bypass in Apache APISIX's jwe-decrypt plugin (versions 3.8.0 through 3.16.0) allows unauthenticated network attackers to circumvent JWE token integrity validation and reach services protected by the gateway. The root cause (CWE-354) is improper validation of the JWE authentication tag under the plugin's default configuration, meaning crafted or tampered tokens are accepted as legitimate. No public exploit code and no CISA KEV listing are identified at time of analysis; the vendor-released fix is Apache APISIX 3.17.0.
Open redirect in Apache APISIX's cas-auth plugin exposes users to phishing and credential theft when the plugin is used in its default configuration. Affected are all APISIX deployments running versions 3.0.0 through 3.16.0 with cas-auth enabled. An unauthenticated remote attacker can craft a malicious CAS authentication URL that redirects victims to an attacker-controlled site, enabling session hijacking or credential harvesting. No public exploit or KEV listing is recorded at time of analysis, and the CVSS 4.0 base score of 2.1 reflects the attacker's dependence on user interaction and the absence of direct system-level impact.
Identity header spoofing in Apache APISIX's openid-connect plugin (versions 2.3 through 3.16.0) enables low-privileged network attackers to bypass authentication controls and gain unauthorized access to protected upstream resources. The plugin, under its default configuration, fails to strip or validate incoming identity-bearing HTTP headers presented by clients before forwarding requests to backend services, allowing an attacker to inject arbitrary identity claims. No public exploit code or confirmed active exploitation (CISA KEV) has been identified at time of analysis, but the network-exploitable nature and high impact on subsequent systems (SC:H/SI:H in CVSS 4.0) elevate this beyond its moderate overall score.
Incorrect authorization in the Apache APISIX authz-casdoor plugin allows a network-authenticated attacker to cross-authenticate using credentials from a different identity source, effectively bypassing the intended authorization boundary. Affected versions span 2.14.1 through 3.16.0, covering a wide deployment surface for this popular open-source API gateway. The CVSS 4.0 vector signals no direct impact to APISIX itself but high confidentiality and integrity impact on subsequent systems - the upstream APIs and services the gateway is meant to protect. No public exploit code or CISA KEV listing has been identified at time of analysis.
The wolf-rbac plugin in Apache APISIX 1.2.0 through 3.16.0 trusts client-controlled identity and IP data under its default configuration, allowing a low-privileged network attacker to inject spoofed identity information into application logs and manipulate IP-based access control rule evaluation. Rooted in CWE-348 (Use of Less-Trusted Source), the plugin accepts identity claims from a less-trusted input channel rather than authoritative internal state. No public exploit has been identified and the vulnerability is absent from the CISA KEV catalog; the vendor has released a fix in version 3.17.0.
Authentication bypass in Apache APISIX versions 2.2 through 3.16.0 allows remote attackers to circumvent authentication enforced by the jwt-auth plugin under certain configurations, granting unauthorized access to APIs that should require a valid JWT. The flaw stems from spoofable identity assertions (CWE-290) in the plugin's verification logic, and at time of analysis there is no public exploit identified, but the wide affected version range and gateway role make it operationally significant.
Identity header spoofing in Apache APISIX versions 2.12.0 through 3.16.0 allows a low-privileged network attacker to manipulate header values forwarded by the forward-auth plugin to upstream backend services. The flaw, rooted in improper input validation (CWE-20) of the forward-auth plugin's header handling, enables an attacker to impersonate other identities as seen by backend services that rely on APISIX to assert trustworthy identity context. No active exploitation is confirmed in CISA KEV and no public proof-of-concept has been identified, but the CVSS 4.0 subsequent-system impact metrics (SC:H/SI:H/SA:H) signal that backend services face high-severity consequences if exploited.
Authentication bypass in StarTree mcp-pinot versions 3.0.1 and earlier exposes the Model Context Protocol HTTP server on 0.0.0.0:8080 by default with no authentication, allowing any network-adjacent attacker to invoke every MCP tool - including SQL execution, schema creation, and table-config mutation - against the backing Apache Pinot cluster using the server's own credentials. The maximum CVSS 10.0 score reflects a scope-changing confused-deputy condition. No public exploit identified at time of analysis, but the trivial reachability and presence of write/DDL tooling make exploitation straightforward once the port is found.
XML External Entity injection in the HAPI FHIR core library (Maven ca.uhn.hapi.fhir:org.hl7.fhir.utilities, versions <= 6.9.9) lets an attacker who controls or MITMs XML routed through XsltUtilities.saxonTransform(...) read local files and perform blind XXE/SSRF. The three saxonTransform overloads instantiate a bare net.sf.saxon.TransformerFactoryImpl that resolves external general and parameter entities, unlike the co-located transform() siblings that use the project's hardened XXE-protected factory. Publicly available exploit code exists (a full end-to-end PoC accompanies the GitHub advisory), though there is no public exploit identified as actively used in the wild.
LDAP injection in Apache Shiro's DefaultLdapRealm allows remote unauthenticated attackers to manipulate Distinguished Name construction during LDAP bind authentication, potentially bypassing authentication or impersonating other users. The flaw affects all versions through 2.2.0 and 3.0.0-alpha-1 when DefaultLdapRealm is in use, with no public exploit identified at time of analysis. The CVSS 4.0 score of 8.8 reflects high integrity impact against an authentication-critical component.
Incorrect Authorization in Apache DolphinScheduler's API module (versions prior to 3.4.2) allows any authenticated user holding basic system login privileges to delete task definitions belonging to projects outside their authorized scope. The flaw bypasses project-level access controls server-side, enabling cross-project destructive operations without requiring elevated roles. No public exploit has been identified at time of analysis, and no KEV listing exists; moderate severity reflects the authentication prerequisite and the impact being limited to data destruction rather than exfiltration or code execution.
Privilege escalation in Apache DolphinScheduler before 3.4.2 allows any authenticated general user to mint admin-level access tokens by calling the /access-tokens API endpoint directly, bypassing role-enforcement logic. This effectively grants full administrative control over the workflow scheduling platform to any low-privilege account holder. No public exploit has been identified at time of analysis, but the simplicity of the attack surface - a direct API call - makes this a high-priority remediation target for any multi-tenant or enterprise DolphinScheduler deployment.
Incorrect authorization in Apache DolphinScheduler before 3.4.2 allows authenticated users to read alert instances belonging to alert groups outside their assigned permissions. The API component (org.apache.dolphinscheduler:dolphinscheduler-api) fails to enforce permission boundaries between alert groups and their associated alert instances, constituting a broken access control flaw. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis, and the moderate severity rating reflects the authentication prerequisite and limited confidentiality impact.
Incorrect Authorization in Apache DolphinScheduler's API layer exposes workflow instance data across project boundaries to authenticated users who lack the required project permissions. All versions prior to 3.4.2 of the org.apache.dolphinscheduler:dolphinscheduler-api component are affected, with the vendor recommending immediate upgrade to 3.4.2. No public exploit has been identified and the vulnerability is not listed in CISA KEV; real-world risk is concentrated in multi-tenant deployments where project isolation is the primary access control boundary.
Incorrect Authorization in Apache DolphinScheduler's experimental `/v2` API interface permits authenticated users to invoke privileged operations without undergoing permission validation. All releases of the `dolphinscheduler-api` module prior to 3.4.2 are affected. An attacker with a valid account can bypass role-based access controls enforced on the stable API surface by routing requests through the unguarded `/v2` endpoint, potentially performing administrative workflow, datasource, or tenant operations beyond their granted privilege level. No public exploit code or CISA KEV listing has been identified at time of analysis.
Missing authorization check in the Apache DolphinScheduler DataSource API exposes arbitrary data source metadata to users who lack permission to view it, affecting all versions before 3.4.2. Authenticated users with low-privilege access can query the DataSource API and retrieve connection metadata - such as hostnames, ports, database names, and usernames - belonging to data sources they are not authorized to access. No public exploit or active exploitation has been identified at time of analysis, and the Apache Software Foundation has rated this moderate severity, consistent with a confidentiality-only impact against an internal platform.
Path traversal in Apache Airflow SFTP provider (apache-airflow-providers-sftp before 5.8.1) allows a malicious or compromised remote SFTP server to write files outside the configured local destination directory on the Airflow worker host. The root cause is that SFTPHook.retrieve_directory does not sanitize server-supplied directory-entry names before constructing local file paths, enabling traversal sequences to escape the intended destination. No exploit code has been publicly identified at time of analysis, but the attack requires no Airflow credentials - any deployment that downloads directories from an untrusted SFTP server is in scope.
Denial of service in Apache CXF versions 4.2.0 through 4.2.1 and all versions prior to 4.1.7 allows remote unauthenticated attackers to exhaust server resources by sending messages containing an unbounded number of attachment headers during deserialization. The flaw stems from missing input limits in the message deserialization path and can be triggered without authentication or user interaction. EPSS rates real-world exploitation probability as low (0.02%) and no public exploit identified at time of analysis, but SSVC flags the attack as automatable.
Signature metadata trust bypass in Apache CXF's JwsJsonContainerRequestFilter allows an attacker who can send JWS JSON-signed requests to inject unvalidated metadata - such as Content-Type or protected HTTP headers - by placing it in the first signature entry of a multi-signature JWS JSON token, even when that entry's signature was never verified. Affected deployments using the cxf-rt-rs-security-jose-jaxrs module may incorrectly trust attacker-controlled content type or header values, steering JAX-RS entity parsing or signed-header consistency checks in unintended ways. No public exploit code or CISA KEV listing has been identified at time of analysis; vendor-released patches 4.2.2 and 4.1.7 were published June 10, 2026.
Remote code execution in Apache CXF's JCA integration module allows attackers to achieve arbitrary code execution via JNDI injection when they can manipulate the JCA deployment descriptor (ra.xml) or runtime activation parameters. Affected versions span Apache CXF 4.2.0 to before 4.2.2, and all versions prior to 4.1.7. Despite a CVSS of 8.1, there is no public exploit identified at time of analysis and EPSS sits at 0.04%, suggesting limited near-term exploitation likelihood.
Remote code execution in Apache CXF versions 4.2.0 through 4.2.1 and all versions prior to 4.1.7 can occur when untrusted users are permitted to configure JMS transport, representing a third attempt to fully address the original advisory CVE-2026-44417. With no public exploit identified at time of analysis and an EPSS score of 0.04%, near-term mass exploitation appears unlikely, but the SSVC technical impact is rated total and the flaw is deemed automatable once weaponized.
Token confusion in Apache CXF's JwtAccessTokenValidator allows an attacker holding a valid JWT issued for one Resource Server to replay it against an unrelated Resource Server because the 'aud' (Audience) claim is not validated. Affects Apache CXF 4.2.0 through 4.2.1 and all versions prior to 4.1.7, enabling cross-service authentication bypass with full confidentiality, integrity, and availability impact on the unintended target. No public exploit identified at time of analysis and EPSS is very low (0.02%, 4th percentile), but the fix is straightforward and the issue is structurally severe for federated OAuth2/JWT deployments.
Authentication bypass in Apache CXF's OAuth2 TokenIntrospectionService allows unauthenticated network access to the token introspection endpoint due to a missing 'throw' keyword in the internal security context check, causing the guard to silently pass rather than reject unauthorized callers. Affected are deployments using cxf-rt-rs-security-oauth2 versions 4.2.0-4.2.1 and all 4.1.x releases before 4.1.7 that relied solely on CXF's built-in check without independent authentication at the container or gateway layer. No public exploit code or active exploitation has been identified; vendor-confirmed patches (4.2.2 and 4.1.7) were released June 10, 2026.
XML External Entity (XXE) processing in Apache CXF versions prior to 4.1.7 and 4.2.0-4.2.1 allows remote attackers to trigger out-of-band external entity resolution via the EndpointReferenceUtils and W3CMultiSchemaFactory classes, which instantiate SAXParserFactory without JAXP hardening. While CVSS scores this 9.8 critical, EPSS reports only 0.02% exploitation probability, and there is no public exploit identified at time of analysis. Successful exploitation could enable data exfiltration, SSRF, or denial-of-service against applications that process attacker-controlled XML through CXF web services.
Replay attack protections in Spring Web Services are silently ineffective across multiple major branches due to Wss4jSecurityInterceptor failing to wire configured Apache WSS4J ReplayCache instances into the RequestData object at validation time. Operators who believe UsernameToken nonce replay, Timestamp replay, and SAML one-time-use checks are enforced are unknowingly running without those controls. A network-positioned attacker can intercept and replay valid WS-Security tokens - including credentials and SAML assertions - to re-execute previously-authorized SOAP operations, with no public exploit identified at time of analysis and no CISA KEV listing.
Spring Web Services' Wss4jSecurityInterceptor silently defaults allowRSA15KeyTransportAlgorithm to true, overriding Apache WSS4J's own safer default and permitting inbound WS-Security decryption to accept the weak RSA PKCS#1 v1.5 (rsa-1_5) key transport algorithm. This misconfiguration-by-default affects all four supported release trains (3.1.x, 4.0.x, 4.1.x, 5.0.x) and opens deployed SOAP services to Bleichenbacher-style adaptive chosen-ciphertext attacks against server-side RSA key material unless operators explicitly override the flag. No public exploit has been identified at time of analysis, and the CVSS-assigned high attack complexity (AC:H) reflects the significant number of oracle queries required to mount a practical attack.
Server-side template injection in Apache OFBiz before 24.09.07 allows authenticated users holding Content or DataResource editing privileges to inject template code that is rendered by the framework, resulting in remote code execution on the application server. The flaw is rated CVSS 8.8 with publicly available exploit code exists via the oss-security disclosure thread, though EPSS sits at 0.09% (26th percentile), indicating broad opportunistic exploitation has not yet been observed. Apache has shipped a fix in 24.09.07 and recommends immediate upgrade.
Privilege escalation in Apache OFBiz versions prior to 24.09.07 allows a low-privileged authenticated user to elevate their permissions to a higher-privileged role, leading to full compromise of confidentiality, integrity, and availability of the ERP system. The flaw is rooted in improper authorization (CWE-285) and is exploitable remotely over the network with low complexity once valid low-tier credentials are held. No public exploit identified at time of analysis, and EPSS scoring (0.02%) plus CISA SSVC (Exploitation: none) suggest no observed exploitation activity yet.
Path traversal in Roxy-WI versions 8.2.6.4 and prior allows authenticated remote attackers to read arbitrary configuration files via the config_file_name and configver parameters. The vendor's attempted fix in commit d4d10006 is ineffective due to a logic error - it uses Python tuple-membership instead of substring containment - leaving all realistic '../' payloads unblocked, with no public exploit identified at time of analysis.
Authentication bypass in Roxy-WI versions 8.2.6.4 and prior allows remote unauthenticated attackers to reach protected API functionality by including the 'api' substring in the URL, with the /api/gpt endpoint specifically exposed without authentication. The flaw carries a CVSS 8.3 with scope change and affects a web management interface for HAProxy, Nginx, Apache, and Keepalived, and no public exploit has been identified at time of analysis. No vendor-released patch exists at time of publication, making this a high-priority issue for any internet-exposed installation.
Open redirect in Roxy-WI versions 8.2.6.4 and prior allows unauthenticated remote attackers to silently redirect authenticated users to attacker-controlled domains by exploiting a bypass in the login flow's URL filter. The filter blocks `next` parameter values containing `http://` or `https://` substrings but does not account for RFC-3986 userinfo@host syntax; submitting `next=@evil.example/path` causes the server to construct `https://victim.example@evil.example/path`, which modern browsers route to `evil.example`. No public exploit code has been identified at time of analysis, no patch is available, and this vulnerability is not listed in CISA KEV.
Path traversal bypass in Roxy-WI versions 8.2.6.4 and earlier allows authenticated remote attackers to escape input sanitization in the EscapedString Pydantic validator and inject shell metacharacters alongside '..' sequences. The flaw stems from a flawed if/elif/elif/else control flow that strips metacharacters without re-enforcing the '..' block, and the result is never shlex-quoted before reaching downstream command contexts. No public exploit identified at time of analysis, and no vendor-released patch identified at time of analysis.
Privilege persistence in Apache Answer through version 2.0.0 allows suspended, deleted, or deactivated administrator accounts to retain access to administrative APIs because previously issued tokens are not invalidated upon account state change. The flaw requires high-privilege access to obtain a token initially and carries a CVSS 7.2 with full confidentiality, integrity, and availability impact; no public exploit identified at time of analysis and SSVC marks exploitation as none.
Authenticated command injection in Roxy-WI versions 8.2.6.4 and prior allows low-privileged users (role <= 3, 'user') to execute arbitrary OS commands by abusing the configver URL-path parameter on POST /config/versions/<service>/<server_ip>/<configver>/save, which flows unsanitized into an os.system() call wrapping dos2unix. No public exploit identified at time of analysis, but the GHSA advisory is published and no vendor patch exists, leaving exposed instances at immediate risk of full compromise of the management interface host.
Roxy-WI 8.2.6.4 and prior exposes a broken object-level authorization flaw in its audit history endpoint, allowing any authenticated user to read any other user's full action audit trail. The GET /history/user/<server_ip> endpoint conflates the server_ip path parameter with a user identifier and performs no authorization check, meaning a guest account in an unrelated group can enumerate administrators' operational history including server IPs touched, configs deployed, and services restarted. No patch is available at time of publication; no public exploit code or active exploitation has been identified.
{version,uptime,status,checks}/<server_ip>` route family passes the Flask URL path parameter directly into a Python `requests.get()` call without any allowlist or blocklist validation, making IPv4 literals such as 169.254.169.254, RFC1918 ranges, and 127.0.0.1 all valid targets. No publicly available patches exist at time of analysis, and no public exploit code or CISA KEV listing has been identified.
Stored cross-site scripting in Roxy-WI 8.2.6.4 and prior allows any unauthenticated remote attacker who can send HTTP requests to a managed HAProxy or Nginx load balancer to inject malicious payloads into server access logs, which then execute in the browser of any Roxy-WI administrator who opens the log viewer. The vulnerability stems from unsanitized HTML concatenation in the Python backend combined with unsafe jQuery .html()/.append() rendering on the frontend - a classic stored XSS with a changed scope (S:C) because the attacker's input, written via the load balancer, achieves code execution in the privileged admin web UI context. No publicly available patches exist at time of analysis; no public exploit code or CISA KEV listing has been identified.
LDAP injection in Roxy-WI 8.2.6.4 and prior exposes LDAP directory attributes to authenticated administrators who can manipulate search filter logic via the username URL path parameter. The vulnerable function get_ldap_email (app/modules/roxywi/user.py:120-157) constructs LDAP queries through unsanitized f-string concatenation, enabling injection of additional filter clauses such as *)(mail=*)(cn=* to enumerate or harvest attributes beyond the intended user record. No patch is available at time of publication, and no public exploit identified at time of analysis.
Remote code execution in Roxy-WI versions 8.2.6.4 and prior allows authenticated low-privilege users (role ≤ 3) to inject arbitrary HAProxy directives via unvalidated JSON option fields in the HAProxy section-save API endpoints, achieving command execution as the haproxy user on every managed load balancer. No public exploit has been identified at time of analysis, but the attack is straightforward given the documented injection path through the section.j2, global.j2, and defaults.j2 Ansible templates, and no vendor-released patch is available.
Remote code execution in Roxy-WI versions 8.2.6.4 and prior allows authenticated users to write attacker-controlled content to arbitrary absolute paths on managed load balancers via the WAF rule save endpoint. By dropping a malicious cron file (e.g., /etc/cron.d/nginx_cfg_evil), an attacker achieves root-level code execution on every load balancer in the caller's group. No public exploit identified at time of analysis, and no vendor-released patch is currently available, making this a high-priority issue for any exposed deployment.
Cross-tenant data tampering in Roxy-WI versions 8.2.6.4 and prior allows any authenticated user to silently overwrite HTTP, TCP, Ping, and DNS monitoring checks belonging to other tenants by sending a crafted PUT /smon/check request with another tenant's smon_id. The flaw stems from missing user_group authorization on the UPDATE SQL path (CWE-639, IDOR), while the DELETE path is correctly filtered - confirming the maintainers knew the right pattern but failed to apply it on update. No public exploit identified at time of analysis, and no vendor-released patch is available, raising operational risk for multi-tenant deployments.
Privilege escalation in Roxy-WI versions 8.2.6.4 and prior allows any authenticated user - including the lowest-privilege 'guest' role 4 - to start, stop, or restart the roxy-wi-smon-agent systemd unit on arbitrary managed servers, with the action executing as root via Roxy-WI's passwordless sudo SSH credentials. The flaw stems from missing role and group-ownership checks on the agent_action endpoint, and no public exploit has been identified at time of analysis though the vulnerability is trivially reachable once an account exists.
Privilege escalation and cross-tenant compromise in Roxy-WI versions 8.2.6.4 and prior allows any authenticated user - including the default guest role 4 - to install or reconfigure exporters, WAF, and GeoIP databases on every managed server regardless of tenant ownership. Because the affected installer endpoints lack role and group decorators, low-privilege users can pivot through stored SSH credentials with sudo to achieve root-level command execution on HAProxy/Nginx/Apache hosts belonging to other tenants. No public exploit identified at time of analysis, but the issue is unpatched and rated CVSS 9.9.
Insecure deserialization in Spring for Apache Pulsar's JsonPulsarHeaderMapper allows remote attackers to bypass trusted-package controls and potentially trigger arbitrary Java object instantiation through Pulsar message headers. The flaw stems from a prefix-based package match plus an unsafe empty-allow-list default, affecting versions 1.1.0-1.1.17, 1.2.0-1.2.17, and 2.0.0-2.0.5. No public exploit identified at time of analysis, but the CVSS 8.1 rating and CWE-502 classification place this firmly in the high-impact Java deserialization category that has historically yielded remote code execution.
Unsafe deserialization in Spring for Apache Kafka (versions 2.8.0-4.0.5 across multiple branches) allows a malicious Kafka producer to send crafted message headers that cause downstream consumers to instantiate arbitrary JDK types via Jackson. The flaw stems from a prefix-based trusted-packages check in JsonKafkaHeaderMapper and the deprecated DefaultKafkaHeaderMapper, which silently extends trust to every subpackage. No public exploit identified at time of analysis, but the bug class (CWE-502 with Jackson default typing) has a long history of leading to remote code execution in Spring/Java ecosystems.
Improper input validation in Spring for Apache Kafka's non-blocking retry topic infrastructure allows an authenticated network producer to disrupt message processing availability across multiple major version lines. By injecting a crafted `retry_topic-attempts` header with an out-of-range integer value, an attacker causes the retry topic router to misidentify the message's position in the retry sequence, producing high availability impact (A:H per CVSS). Affected deployments span Spring for Apache Kafka 2.8.x through 4.0.x. No active exploitation has been confirmed (not in CISA KEV) and no public exploit code has been identified at time of analysis.
Unbounded heap growth in Spring for Apache Kafka's DelegatingDeserializer allows an authenticated network producer to trigger a Denial of Service against any consumer application that opts into this deserializer. By flooding the consumer with Kafka records carrying unique, randomized spring.kafka.serialization.selector header values, an attacker forces unbounded cache growth on the consumer's JVM heap, ultimately inducing GC thrash and OutOfMemoryError. No public exploit identified at time of analysis, and this is not listed in the CISA KEV catalog, but the low-complexity, network-accessible attack surface warrants prompt remediation for affected deployments.
Path traversal in Apache Airflow's Samba provider exposes Samba target file systems to arbitrary write operations when GCSToSambaOperator processes GCS object names containing directory traversal sequences. Disclosed on 2026-06-09 via the oss-security mailing list by Apache committer Jarek Potiuk as a pre-NVD disclosure, the vulnerability enables any party who can influence GCS object names in the source bucket to write files outside the intended destination directory on the Samba share. No public exploit code has been identified at time of analysis, and CVSS scoring is not yet available.
Unsanitized rendering of AI-generated response content in Apache Answer through 2.0.0 enables cross-site scripting (XSS) execution in the browsers of any user viewing affected AI-generated answers. The vulnerability (CWE-87, Improper Neutralization of Alternate XSS Syntax) arises because the AI answer rendering pipeline passes output directly to the browser DOM without stripping or encoding malicious script constructs. No public exploit code has been identified at time of analysis, and CISA KEV listing has not been confirmed, but the critical severity designation and vendor-confirmed patch at 2.0.1 indicate this is a high-priority remediation target for all deployments using the AI answer feature.
Apache Answer's Timeline API endpoints through version 2.0.0 fail to enforce authorization, exposing deleted, private, and unapproved content - along with full revision histories - to any authenticated regular user. The vulnerability is an information disclosure flaw affecting all Apache Answer deployments (community forums, help centers, knowledge platforms) running 2.0.0 or earlier. No public exploit has been identified and no KEV listing exists; however, in community deployments where user accounts are freely self-registered, the authentication prerequisite provides limited real-world protection.