All 6 CVE vulnerabilities found in Apache bRPC, with AI-generated Chinese analysis, references, and POCs.
Vendor: Apache Software Foundation
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-60021 | Apache bRPC: Remote command injection vulnerability in heap builtin service CWE-77 | 9.8 | - | 2026-01-16 |
| CVE-2025-59789 | Apache bRPC: Stack Exhaustion via Unbounded Recursion in JSON Parser CWE-674 | 7.5AI | HighAI | 2025-12-01 |
| CVE-2025-54472 | Apache bRPC: Redis Parser Remote Denial of Service CWE-400 | 7.5AI | HighAI | 2025-08-14 |
| CVE-2024-23452 | Apache bRPC: HTTP request smuggling vulnerability CWE-444 | 8.2 | - | 2024-02-08 |
| CVE-2023-45757 | Apache bRPC: The builtin service rpcz page has an XSS attack vulnerability CWE-79 | 6.1 | - | 2023-10-16 |
| CVE-2023-31039 | Apache bRPC: ServerOptions.pid_file may cause arbitrary code execution CWE-20 | 9.8 | - | 2023-05-08 |
All 6 known CVE vulnerabilities affecting Apache bRPC with full Chinese analysis, references, and POCs where available.