Information securityfromInfoWorld6 days agoApache Tika hit by critical vulnerability thought to be patched months agoApache Tika tika-core 1.13–3.2.1, tika-parsers 1.13–1.28.5, and legacy parsers 1.13–1.28.5 are vulnerable to XXE injection.
fromTechzine Global1 week agoInformation securityApache warns of critical vulnerability in Tika toolkitA critical CVE-2025-66516 vulnerability in tika-core (CVSS 10.0) requires upgrading to tika-core 3.2.2 to fully mitigate exploitation risks.
fromTheregister1 week agoInformation securityApache warns of 10.0-rated flaw in Tika metadata toolkitA critical Apache Tika vulnerability and rising multi‑terabit DDoS attacks are forcing urgent upgrades and massive defensive capacity expansion.
fromTechzine Global1 week agoInformation securityApache warns of critical vulnerability in Tika toolkit
fromTheregister1 week agoInformation securityApache warns of 10.0-rated flaw in Tika metadata toolkit
Information securityfromThe Hacker News1 week agoCritical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent PatchApache Tika contains a critical XXE vulnerability (CVE-2025-66516) rated 10.0 that enables XML External Entity injection via crafted XFA files in PDFs.
