Poster - CVE CyberSecurity Database News (Page 38)

Dec 4, 2025 XXE Windows Mac Java Apache

CVE-2025-66516 - Critical XXE Vulnerability in Apache Tika Core, PDF Module, and Parsers

A major security flaw has been found in Apache Tika affecting its tika-core (1.13-3.2.1), tika-pdf-module (2..-3.2.1), and tika-parsers (1.

Dec 3, 2025 RCE Exploit

CVE-2025-55182 - Pre-auth RCE in React Server Components – How Deserialization Opened the Door

React Server Components bring a lot of power to web development, but sometimes power comes with risk. In early 2025, a major vulnerability—CVE-2025-55182—was

Dec 3, 2025 WordPress PHP

CVE-2025-13486 - Remote Code Execution in Advanced Custom Fields Extended Plugin for WordPress

Published: 2024-06-25 <br>Affected Plugin: Advanced Custom Fields: Extended <br>Vulnerable Versions: .9..5 through .9.1.1 TL;DR A

Dec 2, 2025

CVE-2025-61729 - Excessive Resource Consumption via HostnameError.Error() Unbounded String Concatenation

A new vulnerability has surfaced in some software that uses the HostnameError.Error() function, tracked as CVE-2025-61729. This security issue is particularly dangerous because it

Dec 1, 2025 API

CVE-2025-13836 - HTTP Client Memory Exhaustion Vulnerability Explained

HTTP clients are everywhere—web browsers, API clients, bots. But sometimes, an overlooked default can open the door for attackers. CVE-2025-13836 highlights one of these