CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1986 matches found

Positive Technologies•added 2026/02/13 12:0 a.m.•2 views

PT-2026-8258

CVE-2025-35976 - Apache Struts XML External Entity XXE Injection CVE ID : CVE-2025-35976 Published : Feb. 13, 2026, 7:16 p.m. | 18 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused Severity: 0.0 | NA Visit the...

5.4AI score

Exploits0References1

Positive Technologies•added 2026/02/13 12:0 a.m.•3 views

PT-2026-8265

CVE-2025-36532 - Apache Struts Remote Code Execution Vulnerability CVE ID : CVE-2025-36532 Published : Feb. 13, 2026, 7:16 p.m. | 18 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused Severity: 0.0 | NA Visit t...

5.6AI score

Exploits0References1

Positive Technologies•added 2026/02/13 12:0 a.m.•5 views

PT-2026-8261

CVE-2025-36517 - Apache Struts SQL Injection CVE ID : CVE-2025-36517 Published : Feb. 13, 2026, 7:16 p.m. | 18 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused Severity: 0.0 | NA Visit the link for more...

5.7AI score

Exploits0References1

Positive Technologies•added 2026/02/13 12:0 a.m.•6 views

PT-2026-8257

CVE-2025-35962 - Apache Struts Command Execution Vulnerability CVE ID : CVE-2025-35962 Published : Feb. 13, 2026, 7:16 p.m. | 18 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused Severity: 0.0 | NA Visit the...

5.5AI score

Exploits0References1

Positive Technologies•added 2026/02/13 12:0 a.m.•3 views

PT-2026-8260

CVE-2025-35997 - Apache Struts Remote Code Execution CVE ID : CVE-2025-35997 Published : Feb. 13, 2026, 7:16 p.m. | 18 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused Severity: 0.0 | NA Visit the link for mo...

5.6AI score

Exploits0References1

GithubExploit•added 2026/02/04 1:57 a.m.•187 views

Exploit for Missing XML Validation in Apache Struts

CVE-2025-68493 CVE-2025-68493 7. References 1 Apac...

8.1CVSS6.1AI score0.00026EPSS

Exploits1

Positive Technologies•added 2026/01/23 12:0 a.m.•4 views

PT-2026-4634

CVE-2026-24335 - Apache Struts Unvalidated Input CVE ID : CVE-2026-24335 Published : Jan. 23, 2026, 5:16 a.m. | 1 hour, 58 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

5.4AI score

Exploits0References1

Positive Technologies•added 2026/01/23 12:0 a.m.•1 views

PT-2026-4640

CVE-2026-24341 - Apache Struts SQL Injection CVE ID : CVE-2026-24341 Published : Jan. 23, 2026, 5:16 a.m. | 1 hour, 58 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

5.6AI score

Exploits0References1

Positive Technologies•added 2026/01/22 12:0 a.m.•4 views

PT-2026-4626

CVE-2024-53248 - Apache Struts Command Injection CVE ID : CVE-2024-53248 Published : Jan. 22, 2026, 10:16 a.m. | 50 minutes ago Description : Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. Severity: 0.0 | NA Visit the link for more details, such as CVSS details,...

5.4AI score

Exploits0References1

Positive Technologies•added 2026/01/22 12:0 a.m.•3 views

PT-2026-4622

CVE-2024-45730 - Apache Struts Remote Code Execution CVE ID : CVE-2024-45730 Published : Jan. 22, 2026, 10:16 a.m. | 50 minutes ago Description : Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. Severity: 0.0 | NA Visit the link for more details, such as CVSS...

5.5AI score

Exploits0References1

Positive Technologies•added 2026/01/22 12:0 a.m.•2 views

PT-2026-4619

CVE-2024-45727 - Apache Struts Remote Code Execution Vulnerability CVE ID : CVE-2024-45727 Published : Jan. 22, 2026, 10:16 a.m. | 50 minutes ago Description : Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. Severity: 0.0 | NA Visit the link for more details, suc...

5.6AI score

Exploits0References1

IBM Security Bulletins•added 2026/01/16 9:28 a.m.•12 views

Security Bulletin: Remediation of Multiple Apache Struts 1.3.10 Vulnerabilities in IBM Library Support for Struts

Summary Multiple EOL Apache Struts 1.3.10 Vulnerabilities have been addressed in IBM Library Support for Struts Vulnerability Details CVEID:CVE-2025-54656 DESCRIPTION: UNSUPPORTED WHEN ASSIGNED Improper Output Neutralization for Logs vulnerability in Apache Struts. This issue affects Apache Strut...

8.8CVSS8.1AI score0.92332EPSS

Exploits8Affected Software1

IBM Security Bulletins•added 2026/01/16 9:15 a.m.•20 views

Security Bulletin: Remediation of Multiple Apache Struts 1.1 Vulnerabilities in IBM Library Support for Struts

Summary Multiple Apache Struts 1.1 Vulnerabilities have been addressed in IBM Library Support for Struts Vulnerability Details CVEID:CVE-2006-1546 DESCRIPTION: Apache Software Foundation ASF Struts before 1.2.9 allows remote attackers to bypass validation via a request with a...

10CVSS9.7AI score0.92332EPSS

Exploits14Affected Software1

IBM Security Bulletins•added 2026/01/16 9:11 a.m.•29 views

Security Bulletin: Remediation of Multiple Apache Struts 2.5.33 Vulnerabilities in IBM Library Support for Struts.

Summary EOL Apache Struts 2.5.33 vulnerability has been addressed in IBM Library Support for Struts. Vulnerability Details CVEID:CVE-2024-53677 DESCRIPTION: File upload logic in Apache Struts is flawed. An attacker can manipulate file upload params to enable paths traversal and under some...

9.8CVSS9.5AI score0.93161EPSS

Exploits15Affected Software1

HackRead•added 2026/01/15 11:42 a.m.•5 views

Years-Old Vulnerable Apache Struts 2 Versions See 387K Weekly Downloads

Over 387,000 users downloaded vulnerable Apache Struts versions this week. Exclusive Sonatype research reveals a high-risk flaw found by AI. Is your system at risk?...

7AI score

Exploits0

Github Security Blog•added 2026/01/11 3:31 p.m.•14 views

Apache Struts 2 is Missing XML Validation

Missing XML Validation vulnerability in Apache Struts, Apache Struts. This issue affects Apache Struts: from 2.0.0 before 2.2.1; Apache Struts: from 2.2.1 through 6.1.0. Users are recommended to upgrade to version 6.1.1, which fixes the issue...

8.1CVSS7AI score0.00026EPSS

Exploits1References4Affected Software3

OSV•added 2026/01/11 3:31 p.m.•2 views

GHSA-QCFC-HMRC-59X7 Apache Struts 2 is Missing XML Validation

8.1CVSS5.8AI score0.00026EPSS

Exploits1References4

vulnersOsv•added 2026/01/11 3:31 p.m.•1 views

com.amazonaws.serverless:aws-serverless-java-container-struts (=1.9), com.jgeppert.struts2.bootstrap:struts2-bootstrap-plugin (=5.0.0) +52 more potentially affected by CVE-2025-68493 via org.apache.struts:struts2-core (>=6.0.0 <=6.10.0)

org.apache.struts:struts2-core MAVEN version =6.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =1.4.0, =1.4.1, =1.4.0, =1.4.2 and more Source cves: CVE-2025-68493 Source advisory: OSV:GHSA-QCFC-HMRC-59X7https://vulners.c...

8.1CVSS5.8AI score0.00026EPSS

Exploits1