SecurityWeek

Critical Apache Tika Vulnerability Leads to XXE Injection

CVE-2025-66516 is a critical Apache Tika vulnerability can be exploited on all platforms in XXE injection attacks via crafted ...
The Hacker News

Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch

Critical XXE flaw CVE-2025-66516 affects multiple Apache Tika modules, exposing systems and requiring urgent updates.
Threat Post

XXE Bug Patched in Facebook Careers Third-Party Service

A vulnerability was discovered and patched in a third-party service that handles resumes on Facebook’s careers page. A vulnerability was discovered and patched in a third-party service that handles ...
Threat Post

Adobe Patches XXE Vulnerability in LiveCycle Data Services

Adobe pushed out a hotfix for LiveCycle Data Services patching an XXE vulnerability in BlazeDS. Adobe is today expected to push a hotfix through to implementations of its LiveCycle Data Services ...