Multiple Apache Products Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2025-59328 CVSS:5.3

Apache Fory is vulnerable to a denial of service, caused by an unsafe deserialization due to improper input validation.

CVE-2025-58782 CVSS:7.3

Apache Jackrabbit Core and Apache Jackrabbit JCR Commons could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data.

Impact

Denial of Service
Code Execution

Indicators of Compromise

CVE

CVE-2025-59328
CVE-2025-58782

Affected Vendors

Apache

Affected Products

Apache Fory - 0.5.0 - 0.12.1
Apache Jackrabbit Core 1.0.0
Apache Jackrabbit JCR Commons 1.0.0
Apache Jackrabbit Core 2.22.1
Apache Jackrabbit JCR Commons 2.22.1

Remediation

Upgrade to the latest version of Apache, available from the Apache Website.

CVE-2025-59328

CVE-2025-58782

ICS: Multiple Siemens Products Vulnerabilities

NVIDIA Merlin Flaw Enables Remote Code Execution as Root

Multiple Apache Products Vulnerabilities

Severity

Medium

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan