Known Vulnerabilities for products from Apache
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Apache".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40046 json | Not Provided | 2026-04-09 | 2026-04-09 | |
| CVE-2026-35573 json | Not Provided | 2026-04-07 | 2026-04-08 | |
| CVE-2026-35554 json | Not Provided | 2026-04-07 | 2026-04-07 | |
| CVE-2026-34538 json | Not Provided | 2026-04-09 | 2026-04-09 | |
| CVE-2026-34500 json | Not Provided | 2026-04-09 | 2026-04-09 | |
| CVE-2026-34487 json | Not Provided | 2026-04-09 | 2026-04-09 | |
| CVE-2026-34486 json | Not Provided | 2026-04-09 | 2026-04-09 | |
| CVE-2026-34483 json | Not Provided | 2026-04-09 | 2026-04-09 | |
| CVE-2026-34381 json | Not Provided | 2026-03-31 | 2026-04-01 | |
| CVE-2026-34197 json | Not Provided | 2026-04-07 | 2026-04-08 | |
| CVE-2026-32794 json | Improper Certificate Validation vulnerability in Apache Airflow Provider for Databricks. Provider code did not validate certi... | Not Provided | 2026-03-30 | 2026-04-02 |
| CVE-2026-32642 json | Incorrect Authorization (CWE-863) vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an application using ... | Not Provided | 2026-03-24 | 2026-03-30 |
| CVE-2026-25903 json | Apache NiFi 1.1.0 through 2.7.2 are missing authorization when updating configuration properties on extension components that... | Not Provided | 2026-02-17 | 2026-03-30 |
| CVE-2025-65114 json | Apache Traffic Server allows request smuggling if chunked messages are malformed. This issue affects Apache Traffic Server... | Not Provided | 2026-04-02 | 2026-04-06 |
| CVE-2025-58136 json | A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0... | Not Provided | 2026-04-02 | 2026-04-06 |
| CVE-2025-32897 json | Deserialization of Untrusted Data vulnerability in Apache Seata (incubating). This security vulnerability is the same as CVE... | Not Provided | 2025-06-28 | 2026-03-30 |
| CVE-2024-47552 json | Deserialization of Untrusted Data vulnerability in Apache Seata (incubating). This issue affects Apache Seata (incubatin... | Not Provided | 2025-03-20 | 2026-03-30 |
| CVE-2024-23946 json | 5.3 - MEDIUM | 2024-02-29 | 2024-03-12 | |
| CVE-2024-21733 json | 5.3 - MEDIUM | 2024-01-19 | 2024-02-01 | |
| CVE-2023-51702 json | 6.5 - MEDIUM | 2024-01-24 | 2024-01-30 |
Known software with vulnerabilities from Apache
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Apache | Accumulo | 1.10.0 |
| Application | Apache | Activemq | - |
| Application | Apache | Activemq Apollo | 1.0 |
| Application | Apache | Activemq Artemis | - |
| Application | Apache | Airflow | 0.1 |
| Application | Apache | Allura | 1.0.0 |
| Application | Apache | Ambari | 0.9 |
| Application | Apache | Amqp 0-x Jms Client | 6.0.3 |
| Application | Apache | Amqp Jms Client | 0.9.0 |
| Application | Apache | Ant | 1.1 |
| Application | Apache | Apache-ssl | 1.37 |
| Application | Apache | Apache Test | - |
| Application | Apache | Apisix | 1.2 |
| Application | Apache | Apr-util | 0.9.1 |
| Application | Apache | Archiva | 0.9 |
| Application | Apache | Arrow | 0.1.0 |
| Application | Apache | Asterixdb | - |
| Application | Apache | Atlas | 0.5.0 |
| Application | Apache | Axis | - |
| Application | Apache | Axis2 | - |