Vulnerabilities in Apache Software Foundation

1,899 results
Vexday analysis

The Apache Software Foundation portfolio has 1,872 catalogued CVEs, of which 215 are rated critical and 83 have a public proof of concept, factors that widen the operational risk surface for security teams. The rate of active exploitation is especially concerning: 28 vulnerabilities appear in CISA's KEV catalog, a proportion 3.3 times the catalog-wide average, which indicates sustained attention from threat actors to the Apache ecosystem. The most common weakness is CWE-20 (Improper Input Validation), a structural pattern that tends to recur across many products and versions and therefore calls for a broad review rather than point fixes. CVE-2021-40438 stands out as the highest active-risk vulnerability at the moment, with a maximum EPSS of 1.0 (exploitation in practice is all but certain), which makes it an immediate remediation priority for any organization running affected Apache components.
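The summary above prioritizes by three signals: KEV membership (confirmed in-the-wild exploitation), EPSS probability, and CVSS severity. The following is an added example, not code from this page or from Vexday, of a triage ranking that applies those signals in that order to a small set of records. The records are constructed from the listing on this page; the EPSS values are the ones shown here, while the KEV flags, the public-PoC flags and the product name and severity for CVE-2021-40438 (Apache HTTP Server mod_proxy, rated Critical by NVD) are not stated on the page and are assumptions for the example. The `implied_catalog_average` helper inverts the page's "3.3 times the catalog average" figure to recover the baseline KEV rate it implies.

```python
"""Triage ranking for a vendor CVE portfolio (added example, not Vexday's code)."""
from dataclasses import dataclass

# CVSS severity labels ordered for tie-breaking; anything unknown sorts last.
SEVERITY_RANK = {"CRITICAL": 4, "HIGH": 3, "MEDIUM": 2, "LOW": 1}

# Assumed threshold: EPSS at or above this is treated like a KEV entry for scheduling.
EPSS_IMMEDIATE_THRESHOLD = 0.9


@dataclass(frozen=True)
class CveRecord:
    cve_id: str
    product: str
    severity: str
    epss: float            # EPSS probability, 0.0 to 1.0 (page shows 0.4% as "EPSS 0.4%")
    in_kev: bool = False   # listed in CISA Known Exploited Vulnerabilities
    has_public_poc: bool = False


def triage_key(rec: CveRecord):
    """Sort key: KEV first, then EPSS, then severity label, then PoC availability.

    Tuples compare element by element, so a KEV entry always outranks a
    non-KEV one regardless of EPSS, and EPSS decides before severity does.
    """
    return (
        rec.in_kev,
        rec.epss,
        SEVERITY_RANK.get(rec.severity.upper(), 0),
        rec.has_public_poc,
    )


def rank(records):
    """Highest-priority record first; sorted() is stable, so equal keys keep input order."""
    return sorted(records, key=triage_key, reverse=True)


def is_immediate_priority(rec: CveRecord) -> bool:
    """KEV membership or a near-certain EPSS means: patch now, not in the next cycle."""
    return rec.in_kev or rec.epss >= EPSS_IMMEDIATE_THRESHOLD


def kev_share(kev_count: int, total: int) -> float:
    """Fraction of a vendor's CVEs that are in KEV (page: 28 of 1,872)."""
    return kev_count / total


def implied_catalog_average(kev_count: int, total: int, ratio_vs_catalog: float) -> float:
    """Given 'vendor share is N times the catalog average', back out the catalog average."""
    return kev_share(kev_count, total) / ratio_vs_catalog


# Constructed sample: EPSS values as shown on the page; KEV/PoC flags are assumptions
# for the example, as are the product and severity of CVE-2021-40438 (taken from NVD).
SAMPLE = [
    CveRecord("CVE-2026-32966", "Apache DolphinScheduler", "HIGH", 0.004),
    CveRecord("CVE-2026-39999", "Apache APISIX", "HIGH", 0.004),
    CveRecord("CVE-2025-64152", "Apache IoTDB", "CRITICAL", 0.004),
    CveRecord("CVE-2024-23454", "Apache Hadoop", "MEDIUM", 0.004),
    CveRecord("CVE-2021-40438", "Apache HTTP Server", "CRITICAL", 1.0,
              in_kev=True, has_public_poc=True),
]


if __name__ == "__main__":
    for rec in rank(SAMPLE):
        flag = "IMMEDIATE" if is_immediate_priority(rec) else "scheduled"
        print(f"{rec.cve_id:16} {rec.severity:9} EPSS={rec.epss:.3f} "
              f"KEV={rec.in_kev!s:5} -> {flag}")
    print(f"vendor KEV share: {kev_share(28, 1872):.2%}, "
          f"implied catalog average: {implied_catalog_average(28, 1872, 3.3):.2%}")
```

With the page's figures, the vendor KEV share works out to about 1.5%, which implies a catalog-wide baseline of roughly 0.45%. The ordering deliberately puts KEV ahead of EPSS: EPSS is a prediction, KEV is an observation, and a practitioner should not let a low EPSS score demote something already being exploited.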

CVE-2026-32966 | HIGH | Apache DolphinScheduler: DataSource API Missing Authorization Check Leads to Arbitrary Data Source Metadata Disclosure | EPSS 0.4%
CVE-2026-39999 | HIGH | Apache APISIX: JWT Algorithm Confusion allows authentication bypass | EPSS 0.4%
CVE-2026-44913 | MEDIUM | Apache NiFi: Improper Escaping of Table Names in CaptureChangeMySQL | EPSS 0.4%
CVE-2024-23454 | MEDIUM | Apache Hadoop: Temporary File Local Information Disclosure | EPSS 0.4%
CVE-2026-44598 | MEDIUM | Apache Shiro Jakarta EE module: Open redirect and SSRF (requires valid credentials) | EPSS 0.4%
CVE-2025-64152 | CRITICAL | Apache IoTDB: Path Traversal Vulnerability | EPSS 0.4%
CVE-2026-22922 | MEDIUM | Apache Airflow: Airflow externalLogUrl Permission Bypass | EPSS 0.4%
CVE-2025-55017 | CRITICAL | Apache IoTDB: Path Traversal Vulnerability | EPSS 0.4%
CVE-2023-51702 | MEDIUM | Apache Airflow CNCF Kubernetes provider, Apache Airflow: Kubernetes configuration file saved without encryption in the Metadata and logged as plain text in the Triggerer service | EPSS 0.4%
CVE-2026-35194 | HIGH | Apache Flink: Remote code execution via SQL injection in code generation | EPSS 0.4%
CVE-2026-40010 | CRITICAL | Apache Wicket: possible session fixation using AuthenticatedWebSession | EPSS 0.4%
CVE-2026-54475 | HIGH | Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Temporary destination ownership takeover | EPSS 0.4%
CVE-2025-66336 | HIGH | Apache Doris MCP Server: SQL injection leading to authentication bypass | EPSS 0.4%
CVE-2026-40046 | HIGH | Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ MQTT: Missing fix for CVE-2025-66168: MQTT control packet remaining length field is not properly validated | EPSS 0.4%
CVE-2025-66467 | HIGH | Apache CloudStack: MinIO policy remains intact on bucket deletion | EPSS 0.4%
CVE-2026-40914 | MEDIUM | Apache Artemis Stomp Protocol, Apache ActiveMQ Artemis Stomp Protocol: Address routing-type can be updated by STOMP protocol user without the createAddress permission | EPSS 0.4%
CVE-2025-62235 | HIGH | Apache Mynewt NimBLE: Incorrect handling of SMP Security Request could lead to undesirable pairing | EPSS 0.4%
CVE-2026-50623 | MEDIUM | Apache CXF: Authentication Bypass in OAuth2 TokenIntrospectionService | EPSS 0.4%
CVE-2026-42252 | CRITICAL | Apache Airflow: BashOperator Jinja2 injection via dag_run.conf (low-privilege user pattern) | EPSS 0.4%
CVE-2026-48726 | MEDIUM | Apache Airflow: revoke_token() unreachable in FabAuthManager / KeycloakAuthManager logout path | EPSS 0.4%