Security Bulletin: Due to the use of Apache Tika, IBM webMethods Integration Server is vulnerable to XML External Entity injection (CVE-2025-66516)
Summary IBM webMethods Integration Server uses Apache Tika for Reference Data functionality and vulnerability reported in Apache Tika is addressed. Vulnerability Details CVEID:CVE-2025-66516 DESCRIPTION: Critical XXE in Apache Tika tika-core 1.13-3.2.1, tika-pdf-module 2.0.0-3.2.1 and tika-parser...