CLEANSTART-2026-KP10590 Security fixes for CVE-2024-22257, CVE-2024-38821, CVE-2024-47561, CVE-2025-7962, CVE-2026-3505, CVE-2026-5588, ghsa-3677-xxcr-wjqv, ghsa-qqpg-mvqg-649v, ghsa-x44p-gvrj-pj2r applied in versions: 1.25.0-r0, 1.25.0-r1, 2.7.2-r0

Multiple security vulnerabilities affect the apache-nifi package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-WK99982 Security fixes for CVE-2018-10237, CVE-2020-8908, CVE-2021-22569, CVE-2021-22570, CVE-2022-2047, CVE-2022-3171, CVE-2022-3509, CVE-2022-3510, CVE-2022-36364, CVE-2022-41881, CVE-2023-20861, CVE-2023-20863, CVE-2023-26048, CVE-2023-26049, CVE-2023-2976, CVE-2023-34462, CVE-2023-36479, CVE-2023-40167, CVE-2023-41900, CVE-2023-42503, CVE-2023-44981, CVE-2024-13009, CVE-2024-23454, CVE-2024-23944, CVE-2024-25710, CVE-2024-26308, CVE-2024-29131, CVE-2024-29133, CVE-2024-38808, CVE-2024-38820, CVE-2024-38827, CVE-2024-47554, CVE-2024-47561, CVE-2024-52046, CVE-2024-6763, CVE-2024-7254, CVE-2024-8184, CVE-2025-11143, CVE-2025-22233, CVE-2025-24970, CVE-2025-25193, CVE-2025-27821, CVE-2025-41249, CVE-2025-48734, CVE-2025-48924, CVE-2025-49128, CVE-2025-52999, CVE-2025-53864, CVE-2025-55163, CVE-2025-58056, CVE-2025-58057, CVE-2025-59419, CVE-2025-67735, CVE-2025-68161, CVE-2025-8916, CVE-2026-24281, CVE-2026-24308, CVE-2026-33870, CVE-2026-33871, CVE-2026-40490, CVE-2026-41417, CVE-2026-42578, CVE-2026-42579, CVE-2026-42583, CVE-2026-42586, CVE-2026-44248, CVE-2026-5588, ghsa-58qw-p7qm-5rvh, ghsa-72hv-8253-57qq, ghsa-mj4r-2hfc-f8p6 applied in versions: 4.0.1-r0, 4.0.1-r1, 4.0.1-r2

Multiple security vulnerabilities affect the apache-hive package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-SQ91016 Security fixes for CVE-2018-10237, CVE-2020-8908, CVE-2021-22569, CVE-2021-22570, CVE-2022-2047, CVE-2022-3171, CVE-2022-3509, CVE-2022-3510, CVE-2022-36364, CVE-2022-41881, CVE-2023-20861, CVE-2023-20863, CVE-2023-26048, CVE-2023-26049, CVE-2023-2976, CVE-2023-34462, CVE-2023-36479, CVE-2023-40167, CVE-2023-41900, CVE-2023-42503, CVE-2023-44981, CVE-2024-13009, CVE-2024-23454, CVE-2024-23944, CVE-2024-25710, CVE-2024-26308, CVE-2024-29131, CVE-2024-29133, CVE-2024-38808, CVE-2024-38820, CVE-2024-38827, CVE-2024-47554, CVE-2024-47561, CVE-2024-52046, CVE-2024-6763, CVE-2024-7254, CVE-2024-8184, CVE-2025-11143, CVE-2025-22233, CVE-2025-24970, CVE-2025-25193, CVE-2025-27821, CVE-2025-41249, CVE-2025-48734, CVE-2025-48924, CVE-2025-49128, CVE-2025-52999, CVE-2025-53864, CVE-2025-55163, CVE-2025-58056, CVE-2025-58057, CVE-2025-59419, CVE-2025-67735, CVE-2025-68161, CVE-2025-8916, CVE-2026-24281, CVE-2026-24308, CVE-2026-33870, CVE-2026-33871, CVE-2026-5588, ghsa-58qw-p7qm-5rvh, ghsa-72hv-8253-57qq applied in versions: 4.0.0-r0, 4.0.0-r1

Multiple security vulnerabilities affect the apache-hive package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-JU62349 Security fixes for CVE-2018-10237, CVE-2020-8908, CVE-2021-22569, CVE-2021-22570, CVE-2022-3171, CVE-2022-3509, CVE-2022-3510, CVE-2023-2976, CVE-2023-44981, CVE-2024-23454, CVE-2024-23944, CVE-2024-38827, CVE-2024-47554, CVE-2024-6763, CVE-2024-7254, CVE-2025-11143, CVE-2025-24970, CVE-2025-25193, CVE-2025-27821, CVE-2025-41249, CVE-2025-48734, CVE-2025-48924, CVE-2025-49128, CVE-2025-52999, CVE-2025-53864, CVE-2025-55163, CVE-2025-58056, CVE-2025-58057, CVE-2025-59419, CVE-2025-67735, CVE-2025-68161, CVE-2025-8916, CVE-2026-24281, CVE-2026-24308, CVE-2026-33870, CVE-2026-33871, CVE-2026-40490, CVE-2026-41417, CVE-2026-5588, ghsa-72hv-8253-57qq, ghsa-cmxv-58fp-fm3g applied in versions: 4.2.0-r0, 4.2.0-r1, 4.2.0-r2

Multiple security vulnerabilities affect the apache-hive package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-SV95049 Security fixes for CVE-2018-10237, CVE-2020-8908, CVE-2021-22569, CVE-2021-22570, CVE-2022-3171, CVE-2022-3509, CVE-2022-3510, CVE-2023-2976, CVE-2023-44981, CVE-2024-23454, CVE-2024-23944, CVE-2024-38827, CVE-2024-47554, CVE-2024-6763, CVE-2024-7254, CVE-2025-11143, CVE-2025-24970, CVE-2025-25193, CVE-2025-27821, CVE-2025-41249, CVE-2025-48734, CVE-2025-48924, CVE-2025-49128, CVE-2025-52999, CVE-2025-53864, CVE-2025-55163, CVE-2025-58056, CVE-2025-58057, CVE-2025-59419, CVE-2025-67735, CVE-2025-68161, CVE-2025-8916, CVE-2026-24281, CVE-2026-24308, CVE-2026-33870, CVE-2026-33871, CVE-2026-5588, ghsa-72hv-8253-57qq applied in versions: 4.1.0-r1, 4.1.0-r2

Multiple security vulnerabilities affect the apache-hive package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-RO34407 Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r5, 3.9.4-r6, 3.9.5-r0

Multiple security vulnerabilities affect the apache-zookeeper package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-UZ82654 Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq applied in versions: 3.7.2-r4, 3.7.2-r5, 3.7.2-r6

Multiple security vulnerabilities affect the apache-zookeeper package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-PO97142 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0

Security vulnerability affects the apache-zookeeper package. This issue is resolved in later releases. See references for vulnerability details...

CLEANSTART-2026-DT46762 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4

Security vulnerability affects the apache-zookeeper package. This issue is resolved in later releases. See references for vulnerability details...

org.apache.artemis:artemis-server: org.apache.activemq:artemis-server: Apache Artemis, Apache ActiveMQ Artemis: Message injection and exfiltration due to missing authentication

A flaw was found in Apache Artemis and Apache ActiveMQ Artemis. An unauthenticated remote attacker can exploit a missing authentication for critical function vulnerability by using the Core protocol. This allows the attacker to force a target broker to establish an outbound Core federation...

org.apache.artemis:artemis-server: org.apache.activemq:artemis-server: Apache Artemis, Apache ActiveMQ Artemis: Message injection and exfiltration due to missing authentication

A flaw was found in Apache Artemis and Apache ActiveMQ Artemis. An unauthenticated remote attacker can exploit a missing authentication for critical function vulnerability by using the Core protocol. This allows the attacker to force a target broker to establish an outbound Core federation...

BIT-TOMCAT-2025-52434 Apache Tomcat: APR/Native Connector crash leading to DoS

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Tomcat when using the APR/Native connector. This was particularly noticeable with client initiated closes of HTTP/2 connections. This issue affects Apache Tomcat: from 9.0.0 through...

BIT-TOMCAT-2022-25762 Response mix-up with WebSocket concurrent send and close

If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0 to 9.0.20, it is possible that the application will continue to use the socket after it has been closed. The error handling...

BIT-TOMCAT-2020-1938

When using the Apache JServ Protocol AJP, care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that...

BIT-TOMCAT-2020-1935

In Apache Tomcat 9.0.0 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy...

Exploit for Improper Input Validation in Apache Activemq

CVE-2026-34197 Description \ Improper Input Validation, Imp...

Exploit for Improper Handling of Exceptional Conditions in Apache Struts

apache-struts-cve-2017-56...

Apache Struts 2.0.0-2.5.25 - Remote Code Execution

Apache Struts 2.0.0 through Struts 2.5.25 is susceptible to remote code execution because forced OGNL evaluation, when evaluated on raw user input in tag attributes, may allow it. id: CVE-2020-17530 info: name: Apache Struts 2.0.0-2.5.25 - Remote Code Execution author: pikpikcu severity: critical...

apache2-2.4.67-1.1 on GA media (moderate)

apache2-2.4.67-1.1 on GA media Announcement ID: openSUSE-SU-2026:10785-1 Rating: moderate Cross-References: CVE-2026-23918 CVE-2026-24072 CVE-2026-28780 CVE-2026-29168 CVE-2026-29169 CVE-2026-33006 CVE-2026-33007 CVE-2026-33523 CVE-2026-33857 CVE-2026-34032 CVE-2026-34059 CVSS scores:...

PT-2026-41717

CVE-2026-6050 - CVE-2019-11510 - Apache Struts Remote Code Execution CVE ID :CVE-2026-6050 Published : May 16, 2026, 11:16 p.m. | 1 hour, 58 minutes ago Description :Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for...