The remote code execution vulnerability tracked as CVE-2026-34197 came to light in early April.
The post Recent Apache ActiveMQ Vulnerability Exploited in the Wild appeared first on SecurityWeek.
RCE Bug Lurked in Apache ActiveMQ Classic for 13 Years
The vulnerability requires authentication for successful exploitation, but another flaw exposes the Jolokia API without authentication.
The post RCE Bug Lurked in Apache ActiveMQ Classic for 13 Years appeared first on SecurityWeek.
Critical Apache Tika Vulnerability Leads to XXE Injection
The bug allows attackers to carry out XML External Entity (XXE) injection attacks via crafted XFA files inside PDF files.
The post Critical Apache Tika Vulnerability Leads to XXE Injection appeared first on SecurityWeek.
Exploit Code for Apache Tomcat RCE Vulnerability Published on Chinese Forum
Exploits swirling for remote code execution vulnerability (CVE-2025-24813) in open-source Apache Tomcat web server.
The post Exploit Code for Apache Tomcat RCE Vulnerability Published on Chinese Forum appeared first on SecurityWeek.
Apache OFBiz Users Warned of New and Exploited Vulnerabilities
Organizations are being warned of a newly discovered Apache OFBiz vulnerability as exploitation of another recent flaw is observed.
The post Apache OFBiz Users Warned of New and Exploited Vulnerabilities appeared first on SecurityWeek.
CISA Warns of Apache Superset Vulnerability Exploitation
CISA has added a critical-severity Apache Superset flaw (CVE-2023-27524) to its Known Exploited Vulnerabilities catalog.
The post CISA Warns of Apache Superset Vulnerability Exploitation appeared first on SecurityWeek.
Critical Apache OFBiz Vulnerability in Attacker Crosshairs
Shadowserver sees possible in-the-wild exploitation of a critical Apache OFBiz vulnerability tracked as CVE-2023-49070.
The post Critical Apache OFBiz Vulnerability in Attacker Crosshairs appeared first on SecurityWeek.
Recent Apache Struts 2 Vulnerability in Attacker Crosshairs
Attackers are attempting to exploit a critical RCE flaw in Apache Struts 2 after researchers publish PoC code.
The post Recent Apache Struts 2 Vulnerability in Attacker Crosshairs appeared first on SecurityWeek.
Apache Patches Critical RCE Vulnerability in Struts 2
Apache has addressed a critical-severity Struts 2 file upload vulnerability that could lead to remote code execution.
The post Apache Patches Critical RCE Vulnerability in Struts 2 appeared first on SecurityWeek.
Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
Hackers have set their sights on CVE-2023-34468, an RCE vulnerability in Apache NiFi that impacts thousands of organizations.
The post Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks appeared first on SecurityWeek.
