Causeway
1 CVEs
product
Monthly
Apache Causeway faces Java deserialization vulnerabilities that allow remote code execution (RCE) through user-controllable URL parameters. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Deserialization
RCE
Apache
Java
Causeway
NVD
CVSS 3.1
6.3
EPSS
0.8%
CVE-2025-64408
EPSS 1%
CVSS 6.3
MEDIUM
PATCH
This Month
Apache Causeway faces Java deserialization vulnerabilities that allow remote code execution (RCE) through user-controllable URL parameters. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Deserialization
RCE
Apache
+2
NVD