CVE-2026-24400 - **XXE Vulnerability in AssertJ's XmlStringPrettyFormatter – Exploit Details and Remediation Guide
AssertJ is one of the most popular libraries for fluent assertions in Java testing. While it makes tests expressive and readable, a serious XML External
CVE-2025-68493 - Missing XML Validation in Apache Struts – What You Should Know and How to Stay Safe
In June 2024, a serious security vulnerability, identified as CVE-2025-68493, was disclosed in Apache Struts. This vulnerability is caused by missing XML validation, which can
CVE-2025-66516 - Critical XXE Vulnerability in Apache Tika Core, PDF Module, and Parsers
A major security flaw has been found in Apache Tika affecting its tika-core (1.13-3.2.1), tika-pdf-module (2..-3.2.1), and tika-parsers (1.
CVE-2025-58360 - How an XXE Flaw in GeoServer Exposed Sensitive Data Via GetMap Requests
GeoServer, the popular open-source geospatial server, is often used by organizations to share and visualize spatial data. In early 2025, security researchers discovered a new
CVE-2024-31573 - How a Simple XMLUnit for Java Bug Can Open the Door to Remote Code Execution
Summary:
In March 2024, a new vulnerability was identified in XMLUnit for Java—CVE-2024-31573. This issue, lurking since the early days of the library and
Episode
00:00:00
00:00:00