
434 matches found

GitHub Security Blog
added 2025/05/28 9:31 a.m. | 10 views

Apache InLong: JDBC Vulnerability For URLEncode and backspace bypass

Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability can lead to JDBC Vulnerability URLEncode and backspace bypass. Users are advised to upgrade to Apache InLong's 2.2.0 or cherry-pick [1] to solve it...

CVSS 6.5 | AI score 6.8 | EPSS 0.00671
Exploits: 0 | References: 6 | Affected Software: 1

vulnersOsv
added 2025/05/28 9:31 a.m. | 7 views

org.apache.inlong:manager-client (>=1.3.0 <=2.1.0), org.apache.inlong:manager-client-examples (>=1.3.0 <=2.1.0) +2 more potentially affected by CVE-2025-27526 via org.apache.inlong:manager-pojo (>=1.13.0 <=2.1.0)

org.apache.inlong:manager-pojo MAVEN version =1.13.0, =1.3.0, =1.3.0, =1.3.0, =1.13.0, =2.1.0 Source cves: CVE-2025-27526 Source advisory: OSV:GHSA-532X-J9R7-8F73...

CVSS 6.5 | AI score 5.8 | EPSS 0.00671
Exploits: 0

OSV
added 2025/05/28 9:31 a.m. | 2 views

GHSA-532X-J9R7-8F73 Apache InLong: JDBC Vulnerability For URLEncode and backspace bypass

Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability can lead to JDBC Vulnerability URLEncode and backspace bypass. Users are advised to upgrade to Apache InLong's 2.2.0 or cherry-pick [1] to solve it...

CVSS 6.5 | AI score 7 | EPSS 0.00671
Exploits: 0 | References: 6

OSV
added 2025/05/28 9:31 a.m. | 4 views

GHSA-98V7-XXXV-HCRH Apache InLong: JDBC Vulnerability for Invisible Character Bypass Leading to Arbitrary File Read

Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability allows attackers to bypass the security mechanisms of InLong JDBC and leads to arbitrary file reading. Users are advised to upgrade to Apache InLong's...

CVSS 8.7 | AI score 7.4 | EPSS 0.00576
Exploits: 0 | References: 5

vulnersOsv
added 2025/05/28 9:31 a.m. | 4 views

org.apache.inlong:manager-client (>=1.3.0 <=2.1.0), org.apache.inlong:manager-client-examples (>=1.3.0 <=2.1.0) +2 more potentially affected by CVE-2025-27522 via org.apache.inlong:manager-pojo (>=1.13.0 <=2.1.0)

org.apache.inlong:manager-pojo MAVEN version =1.13.0, =1.3.0, =1.3.0, =1.3.0, =1.13.0, =2.1.0 Source cves: CVE-2025-27522 Source advisory: OSV:GHSA-R324-VGR5-73C9...

CVSS 6.5 | AI score 5.8 | EPSS 0.00671
Exploits: 0

GitHub Security Blog
added 2025/05/28 9:31 a.m. | 13 views

Apache InLong: JDBC Vulnerability during verification processing

Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability is a secondary mining bypass for CVE-2024-26579. Users are advised to upgrade to Apache InLong's 2.2.0 or cherry-pick [1] to solve it. [1]...

CVSS 6.5 | AI score 6.6 | EPSS 0.00671
Exploits: 0 | References: 5 | Affected Software: 1

OSV
added 2025/05/28 9:31 a.m. | 4 views

GHSA-R324-VGR5-73C9 Apache InLong: JDBC Vulnerability during verification processing

Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability is a secondary mining bypass for CVE-2024-26579. Users are advised to upgrade to Apache InLong's 2.2.0 or cherry-pick [1] to solve it. [1]...

CVSS 9.3 | AI score 8.1 | EPSS 0.00671
Exploits: 0 | References: 5

vulnersOsv
added 2025/05/28 8:41 a.m. | 5 views

org.apache.inlong:manager-client (>=1.3.0 <=2.1.0), org.apache.inlong:manager-client-examples (>=1.3.0 <=2.1.0) +2 more potentially affected by CVE-2025-27526 via org.apache.inlong:manager-pojo (>=1.13.0 <=2.1.0)

org.apache.inlong:manager-pojo MAVEN version =1.13.0, =1.3.0, =1.3.0, =1.3.0, =1.13.0, =2.1.0 Source cves: CVE-2025-27526 Source advisory: SNYK:JAVA-ORGAPACHEINLONG-10255360...

CVSS 6.5 | AI score 5.8 | EPSS 0.00671
Exploits: 0

vulnersOsv
added 2025/05/28 8:41 a.m. | 27 views

org.apache.inlong:manager-client (>=1.1.0-incubating <=2.1.0), org.apache.inlong:manager-client-examples (>=1.1.0-incubating <=2.1.0) +3 more potentially affected by CVE-2025-27526 via org.apache.inlong:manager-common (>=1.13.0 <=2.1.0)

org.apache.inlong:manager-common MAVEN version =1.13.0, =1.1.0-incubating, =1.1.0-incubating, =1.1.0-incubating, =1.3.0, =1.13.0, =2.1.0 Source cves: CVE-2025-27526 Source advisory: SNYK:JAVA-ORGAPACHEINLONG-10255359...

CVSS 6.5 | AI score 5.8 | EPSS 0.00671
Exploits: 0

vulnersOsv
added 2025/05/28 8:41 a.m. | 5 views

org.apache.inlong:manager-client (>=1.3.0 <=2.1.0), org.apache.inlong:manager-client-examples (>=1.3.0 <=2.1.0) +2 more potentially affected by CVE-2025-27528 via org.apache.inlong:manager-pojo (>=1.13.0 <=2.1.0)

org.apache.inlong:manager-pojo MAVEN version =1.13.0, =1.3.0, =1.3.0, =1.3.0, =1.13.0, =2.1.0 Source cves: CVE-2025-27528 Source advisory: SNYK:JAVA-ORGAPACHEINLONG-10255363...

CVSS 9.1 | AI score 5.8 | EPSS 0.00576
Exploits: 0

Snyk
added 2025/05/28 8:41 a.m. | 2 views

Improper Handling of Invalid Use of Special Elements

Overview: Affected versions of this package are vulnerable to Improper Handling of Invalid Use of Special Elements through the JDBC interface. An attacker can read arbitrary files by inserting special characters into JDBC URL and potentially access or modify data without proper authorisation...

CVSS 9.3 | AI score 7 | EPSS 0.00576
Exploits: 0 | References: 2

Snyk
added 2025/05/28 8:41 a.m. | 3 views

Improper Handling of Invalid Use of Special Elements

Overview: org.apache.inlong:manager-common is a one-stop integration framework for massive data. Affected versions of this package are vulnerable to Improper Handling of Invalid Use of Special Elements through the JDBC interface. An attacker can read arbitrary files by inserting special characters...

CVSS 9.3 | AI score 7 | EPSS 0.00576
Exploits: 0 | References: 2

vulnersOsv
added 2025/05/28 8:41 a.m. | 6 views

org.apache.inlong:manager-client (>=1.1.0-incubating <=2.1.0), org.apache.inlong:manager-client-examples (>=1.1.0-incubating <=2.1.0) +3 more potentially affected by CVE-2025-27528 via org.apache.inlong:manager-common (>=1.13.0 <=2.1.0)

org.apache.inlong:manager-common MAVEN version =1.13.0, =1.1.0-incubating, =1.1.0-incubating, =1.1.0-incubating, =1.3.0, =1.13.0, =2.1.0 Source cves: CVE-2025-27528 Source advisory: SNYK:JAVA-ORGAPACHEINLONG-10255362...

CVSS 9.1 | AI score 5.8 | EPSS 0.00576
Exploits: 0

ATTACKERKB
added 2025/05/28 8:15 a.m. | 1 view

CVE-2025-27522

Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability is a secondary mining bypass for CVE-2024-26579. Users are advised to upgrade to Apache InLong's 2.2.0 or cherry-pick [1] to solve it. [1]...

CVSS 9.8 | AI score 5.9 | EPSS 0.01139
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2025/05/28 8:15 a.m. | 6 views

CVE-2025-27528

Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability allows attackers to bypass the security mechanisms of InLong JDBC and leads to arbitrary file reading. Users are advised to upgrade to Apache InLong's...

CVSS 9.1 | AI score 5.8 | EPSS 0.00576
Exploits: 0 | References: 3

OSV
added 2025/05/28 8:15 a.m. | 8 views

CVE-2025-27526

Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability can lead to JDBC Vulnerability URLEncode and backspace bypass. Users are advised to upgrade to Apache InLong's 2.2.0 or cherry-pick [1] to solve it...

CVSS 6.5 | AI score 5.8 | EPSS 0.00671
Exploits: 0 | References: 3

NVD
added 2025/05/28 8:15 a.m. | 13 views

CVE-2025-27528

Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability allows attackers to bypass the security mechanisms of InLong JDBC and leads to arbitrary file reading. Users are advised to upgrade to Apache InLong's...

CVSS 9.1 | EPSS 0.00576
Exploits: 0 | References: 3

NVD
added 2025/05/28 8:15 a.m. | 29 views

CVE-2025-27526

Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability can lead to JDBC Vulnerability URLEncode and backspace bypass. Users are advised to upgrade to Apache InLong's 2.2.0 or cherry-pick [1] to solve it...

CVSS 6.5 | EPSS 0.00671
Exploits: 0 | References: 3

NVD
added 2025/05/28 8:15 a.m. | 29 views

CVE-2025-27522

Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability is a secondary mining bypass for CVE-2024-26579. Users are advised to upgrade to Apache InLong's 2.2.0 or cherry-pick [1] to solve it. [1]...

CVSS 6.5 | EPSS 0.00671
Exploits: 0 | References: 3

OSV
added 2025/05/28 8:15 a.m. | 2 views

CVE-2025-27522

Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability is a secondary mining bypass for CVE-2024-26579. Users are advised to upgrade to Apache InLong's 2.2.0 or cherry-pick [1] to solve it. [1]...

CVSS 6.5 | AI score 5.9
Exploits: 0 | References: 3