Known Vulnerabilities for products from Apache
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Apache".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-49361 json | Not Provided | 2026-06-01 | 2026-06-01 | |
| CVE-2026-49328 json | Server-Side Request Forgery (SSRF) in the UrlImageConverter component of Apache Fesod (Incubating) fesod-sheet before 2.0.2-i... | Not Provided | 2026-06-01 | 2026-06-01 |
| CVE-2026-49298 json | Not Provided | 2026-06-01 | 2026-06-01 | |
| CVE-2026-49270 json | Exposure of Sensitive Information Through Metadata vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ ... | Not Provided | 2026-06-01 | 2026-06-01 |
| CVE-2026-49267 json | Not Provided | 2026-06-01 | 2026-06-01 | |
| CVE-2026-49157 json | Incorrect Default Permissions vulnerability in Apache ActiveMQ. This issue affects Apache ActiveMQ: before 5.19.7, from 6.0.... | Not Provided | 2026-06-01 | 2026-06-01 |
| CVE-2026-48827 json | Not Provided | 2026-06-01 | 2026-06-01 | |
| CVE-2026-48726 json | Not Provided | 2026-06-01 | 2026-06-01 | |
| CVE-2026-48589 json | Not Provided | 2026-05-25 | 2026-05-26 | |
| CVE-2026-48557 json | Not Provided | 2026-05-29 | 2026-05-29 | |
| CVE-2026-46764 json | The Event Log detail endpoint `GET /api/v2/eventLogs/{event_log_id}` in Apache Airflow fetched audit-log rows directly by num... | Not Provided | 2026-06-01 | 2026-06-01 |
| CVE-2026-46745 json | Apache Airflow FAB Auth Manager contains an LDAP filter injection vulnerability (CWE-90) that allows unauthenticated attacker... | Not Provided | 2026-05-25 | 2026-05-27 |
| CVE-2026-46605 json | Incomplete authorization by Apache ActiveMQ server before versions v6.2.6 and v5.19.7 allows authenticated connections to rem... | Not Provided | 2026-06-01 | 2026-06-01 |
| CVE-2026-46586 json | Improper Control of Generation of Code ('Code Injection'), Improper Neutralization of Directives in Dynamically Evaluated Cod... | Not Provided | 2026-05-19 | 2026-05-20 |
| CVE-2026-45505 json | Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker,... | Not Provided | 2026-06-01 | 2026-06-01 |
| CVE-2026-45434 json | Improper Authentication vulnerability in Apache OFBiz via Password-Change Logic Flaw Leading to Remote Code Execution This i... | Not Provided | 2026-05-19 | 2026-05-20 |
| CVE-2026-45426 json | Exploitation requires the attacker to already be an authenticated Airflow worker holding a valid Log-server JWT issued for at... | Not Provided | 2026-06-01 | 2026-06-01 |
| CVE-2026-45361 json | Apache Airflow providers-google's `ComputeEngineSSHHook` disables SSH host-key verification by default, exposing SSH traffic ... | Not Provided | 2026-05-25 | 2026-06-01 |
| CVE-2026-45249 json | A cross-site scripting (XSS) vulnerability exists in Apache ECharts in the Lines series tooltip rendering logic. This iss... | Not Provided | 2026-05-25 | 2026-05-28 |
| CVE-2026-45205 json | Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configurati... | Not Provided | 2026-05-14 | 2026-05-15 |
Known software with vulnerabilities from Apache
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Apache | Accumulo | 1.10.0 |
| Application | Apache | Activemq | - |
| Application | Apache | Activemq Apollo | 1.0 |
| Application | Apache | Activemq Artemis | - |
| Application | Apache | Airflow | 0.1 |
| Application | Apache | Allura | 1.0.0 |
| Application | Apache | Ambari | 0.9 |
| Application | Apache | Amqp 0-x Jms Client | 6.0.3 |
| Application | Apache | Amqp Jms Client | 0.9.0 |
| Application | Apache | Ant | 1.1 |
| Application | Apache | Apache-ssl | 1.37 |
| Application | Apache | Apache Test | - |
| Application | Apache | Apisix | 1.2 |
| Application | Apache | Apr-util | 0.9.1 |
| Application | Apache | Archiva | 0.9 |
| Application | Apache | Arrow | 0.1.0 |
| Application | Apache | Asterixdb | - |
| Application | Apache | Atlas | 0.5.0 |
| Application | Apache | Axis | - |
| Application | Apache | Axis2 | - |