SecurityWeek

Critical Apache Tika Vulnerability Leads to XXE Injection

CVE-2025-66516 is a critical Apache Tika vulnerability can be exploited on all platforms in XXE injection attacks via crafted ...
InfoWorld

Apache Tika hit by critical vulnerability thought to be patched months ago

CVE-2025-54988 is a weakness in the tika-parser-pdf-module used to process PDFs in Apache Tika from version 1.13 to and ...
The Hacker News

Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch

Critical XXE flaw CVE-2025-66516 affects multiple Apache Tika modules, exposing systems and requiring urgent updates.
Pro-Linux

Sicherheit: XML External Entity-Verarbeitung in postgresql-jdbc

from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch Red Hat Enterprise Linux Client Optional (v. 7) - noarch Red Hat ...
Threat Post

Schneider Electric Patches XXE Vulnerability In Software

Schneider Electric on Tuesday issued fixes for a vulnerability its SoMachine Basic software that could result in disclosure and retrieval of arbitrary data. Schneider Electric on Tuesday issued fixes ...
Pro-Linux

Sicherheit: XML External Entity-Verarbeitung in apache-ivy

Plattformen: SUSE Manager Proxy 4.3, SUSE Enterprise Storage 7.1, SUSE Manager Server 4.3, SUSE Manager Retail Branch Server 4.3, SUSE Linux Enterprise Real Time 15 SP4, SUSE Linux Enterprise High ...