Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Tenable Nessus
Tenable Nessusadded 2026/02/06 12:0 a.m.2 views

Atlassian Confluence 7.13 < 9.2.11 / 9.3.1 < 10.1.0 (CONFSERVER-101827)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101827 advisory. - Blind XXE Vulnerabilities in jackrabbit-spi-commons and jackrabbit-core in Apache Jackrabbit 2.23.2 due to usage of an unsecured document build t...

8.8CVSS7.4AI score0.00212EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletinsadded 2025/11/06 7:7 a.m.2 views

Security Bulletin: Due to use of jackrabbit-spi-commons IBM webMethods BPM is vulnerable to loading privileges using unsecured document build

Summary IBM webMethods BPM is using jackrabbit-spi-commons which is affected by a known vulnerability CVE-2025-53689. This security bulletin provides guidance on addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-53689 DESCRIPTION: Blind XXE Vulnerabilities in jackrabbit-spi-commo...

8.8CVSS6.7AI score0.00212EPSS
Exploits0Affected Software1
OSV
OSVadded 2025/07/14 12:30 p.m.0 views

GHSA-44C3-38H8-9FH9 Apache Jackrabbit vulnerable to blind XXE attack due to insecure document build

Blind XXE vulnerabilities in jackrabbit-spi-commons and jackrabbit-core in Apache Jackrabbit 2.23.2 due to usage of an unsecured document build to load privileges. Users are recommended to upgrade to versions 2.20.17 Java 8, 2.22.1 Java 11 or 2.23.2 Java 11, beta versions, which fix this issue...

8.8CVSS7AI score0.00212EPSS
Exploits0References5
Github Security Blog
Github Security Blogadded 2025/07/14 12:30 p.m.4 views

Apache Jackrabbit vulnerable to blind XXE attack due to insecure document build

Blind XXE vulnerabilities in jackrabbit-spi-commons and jackrabbit-core in Apache Jackrabbit 2.23.2 due to usage of an unsecured document build to load privileges. Users are recommended to upgrade to versions 2.20.17 Java 8, 2.22.1 Java 11 or 2.23.2 Java 11, beta versions, which fix this issue...

8.8CVSS6.4AI score0.00212EPSS
Exploits0References5Affected Software2
CVE
CVEadded 2025/07/14 9:15 a.m.37 views

CVE-2025-53689

CVE-2025-53689 covers blind XXE in Apache Jackrabbit’s jackrabbit-spi-commons and jackrabbit-core prior to 2.23.2, due to an unsecured document build that loads privileges. Public references in the initial and connected documents indicate this affects Confluence Server/Data Center (via bundled Ja...

8.8CVSS6.5AI score0.00212EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVEadded 2025/07/14 9:15 a.m.4 views

CVE-2025-53689

Blind XXE Vulnerabilities in jackrabbit-spi-commons and jackrabbit-core in Apache Jackrabbit 2.23.2 due to usage of an unsecured document build to load privileges. Users are recommended to upgrade to versions 2.20.17 Java 8, 2.22.1 Java 11 or 2.23.2 Java 11, beta versions, which fix this issue...

8.8CVSS7.4AI score0.00212EPSS
Exploits0
Rows per page
Query Builder