Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch

Written by

The Hacker NewsA critical security flaw has been disclosed in Apache Tika that could result in an XML external entity (XXE) injection attack.
The vulnerability, tracked as CVE-2025-66516, is rated 10.0 on the CVSS scoring scale, indicating maximum severity.
“Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers (1.13-1.28.5) modules on all platforms allows anRead More

Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch

Comments

Leave a Reply Cancel reply

More posts

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

Pentagon Designates Anthropic Supply Chain Risk Over AI Military Dispute