PT-2026-1149

CVE-2025-22185 - Apache Tomcat HTTP Request Smuggling CVE ID : CVE-2025-22185 Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. Severity: 0.0 | NA Visit...

A Bootiful Podcast: Apache Tomcat legend Mark Thomas (Happy new year!)

In this episode, I talk with Mark Thomas, the legendary and highly prolific committer to Apache Tomcat. Happy New Year!...

Apache NuttX 资源管理错误漏洞

Apache NuttX is a real-time embedded operating system from the Apache Foundation USA. A resource management error vulnerability exists in Apache NuttX versions prior to 12.11.0, which stems from reuse after release and could lead to abnormal results in virtual file system rename or move operation...

PT-2026-1146

CVE-2025-22182 - Apache HTTP Server Remote Code Execution CVE ID : CVE-2025-22182 Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. Severity: 0.0 | NA...

PT-2026-1160

CVE-2025-22194 - Here is a title for the vulnerability: Apache Struts Deserialization Memory Corruption CVE ID : CVE-2025-22194 Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record becau...

PT-2026-1157

CVE-2025-22191 - Apache Struts Cross-Site Scripting CVE ID : CVE-2025-22191 Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. Severity: 0.0 | NA Visit th...

PT-2026-1145

CVE-2025-22181 - Here is the title: Apache HTTP Server Cross-Site Scripting Vulnerability CVE ID : CVE-2025-22181 Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not...

PT-2026-1150

CVE-2025-22186 - Apache Struts Remote Code Execution Vulnerability CVE ID : CVE-2025-22186 Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. Severity: 0....

PT-2026-1162

CVE-2025-22196 - Apache Struts Remote Code Execution Vulnerability CVE ID : CVE-2025-22196 Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. Severity: 0....

PT-2026-1169

CVE-2025-22203 - Apache Struts Code Injection Vulnerability CVE ID : CVE-2025-22203 Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. Severity: 0.0 | NA...

PT-2026-1164

CVE-2025-22198 - Apache Struts Deserialization Remote Code Execution CVE ID : CVE-2025-22198 Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. Severity:...

PT-2026-1144

CVE-2025-22180 - Apache HTTP Server Cross-Site Scripting Vulnerability CVE ID : CVE-2025-22180 Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. Severity...

PT-2026-1165

CVE-2025-22199 - Apache Struts Remote Code Execution Vulnerability CVE ID : CVE-2025-22199 Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. Severity: 0....

PT-2026-1161

CVE-2025-22195 - Apache Struts Command Injection Vulnerability CVE ID : CVE-2025-22195 Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. Severity: 0.0 | ...

PT-2026-1159

CVE-2025-22193 - Here is a title for the vulnerability: Apache Struts Deserialization Vulnerability CVE ID : CVE-2025-22193 Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because i...

Apache NuttX 安全漏洞

Apache NuttX is a real-time embedded operating system from the Apache USA Foundation. A security vulnerability exists in Apache NuttX versions prior to 12.10.0 that originates from the release of invalid pointers or references, which could lead to a denial of service attack...

PT-2026-7016

Observable Timing Discrepancy vulnerability in Apache Shiro. This issue affects Apache Shiro: from 1., 2. before 2.0.7. Users are recommended to upgrade to version 2.0.7 or later, which fixes the issue. Prior to Shiro 2.0.7, code paths for non-existent vs. existing users are different enough, tha...

Apache StreamPipes 安全漏洞

Apache StreamPipes is a self-service industrial IoT toolkit from the Apache USA Foundation that enables non-technical users to connect, analyze and explore IIoT data streams. A security vulnerability exists in Apache StreamPipes version 0.97.0 and earlier, which stems from a flaw in the user ID...

PT-2026-1166

CVE-2025-22200 - Apache HTTP Server SQL Injection CVE ID : CVE-2025-22200 Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. Severity: 0.0 | NA Visit the...

PT-2026-1168

CVE-2025-22202 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2025-22202 Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. Severity: 0.0 | ...