CVE CyberSecurity Database News (Page 25)

Dec 5, 2025 Exploit Apache

CVE-2025-55753 - Integer Overflow in Apache HTTP Server’s ACME Renewal Timer Can Lead to Certificate Flood

In early 2025, a new vulnerability was disclosed in the Apache HTTP Server, one of the world’s most popular web servers. This vulnerability, tracked

Dec 4, 2025 XXE Windows Mac Java Apache

CVE-2025-66516 - Critical XXE Vulnerability in Apache Tika Core, PDF Module, and Parsers

A major security flaw has been found in Apache Tika affecting its tika-core (1.13-3.2.1), tika-pdf-module (2..-3.2.1), and tika-parsers (1.

Dec 3, 2025 RCE Exploit

CVE-2025-55182 - Pre-auth RCE in React Server Components – How Deserialization Opened the Door

React Server Components bring a lot of power to web development, but sometimes power comes with risk. In early 2025, a major vulnerability—CVE-2025-55182—was

Dec 3, 2025 WordPress PHP

CVE-2025-13486 - Remote Code Execution in Advanced Custom Fields Extended Plugin for WordPress

Published: 2024-06-25 <br>Affected Plugin: Advanced Custom Fields: Extended <br>Vulnerable Versions: .9..5 through .9.1.1 TL;DR A

Dec 2, 2025

CVE-2025-61729 - Excessive Resource Consumption via HostnameError.Error() Unbounded String Concatenation

A new vulnerability has surfaced in some software that uses the HostnameError.Error() function, tracked as CVE-2025-61729. This security issue is particularly dangerous because it