Apache Software Foundation 厂商相关 1847 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。
Apache Software Foundation 致力于开发和维护广泛使用的开源软件,涵盖 Web 服务器、数据库及中间件等核心领域。其项目历史上常暴露远程代码执行、跨站脚本及权限绕过等高危漏洞,多源于配置不当或代码逻辑缺陷。尽管拥有严格的代码审查机制,但部分组件仍因复杂性面临持续安全挑战。近期统计显示已收录 1717 条 CVE,凸显其生态规模与安全防护的持续重要性。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2025-57738 | Apache Syncope 安全漏洞 — Apache SyncopeCWE-653 | 7.2AI | HighAI | 2025-10-20 |
| CVE-2025-47410 | Apache Geode 跨站请求伪造漏洞 — Apache GeodeCWE-352 | 8.8AI | HighAI | 2025-10-18 |
| CVE-2025-61581 | Apache Traffic Control 安全漏洞 — Apache Traffic ControlCWE-1333 | 7.5AI | HighAI | 2025-10-16 |
| CVE-2025-54539 | Apache ActiveMQ NMS 安全漏洞 — Apache ActiveMQ NMS AMQP ClientCWE-502 | 9.8AI | CriticalAI | 2025-10-16 |
| CVE-2025-55039 | Apache Spark 安全漏洞 — Apache SparkCWE-347 | 5.9AI | MediumAI | 2025-10-15 |
| CVE-2024-44088 | Apache Geode 安全漏洞 — Apache GeodeCWE-79 | 6.1AI | MediumAI | 2025-10-14 |
| CVE-2025-30001 | Apache StreamPark 安全漏洞 — Apache StreamParkCWE-279 | 8.1AI | HighAI | 2025-10-10 |
| CVE-2025-62228 | Apache Flink CDC SQL注入漏洞 — Apache Flink CDCCWE-89 | 8.8AI | HighAI | 2025-10-09 |
| CVE-2025-61735 | Apache Kylin 安全漏洞 — Apache KylinCWE-918 | 9.1AI | CriticalAI | 2025-10-02 |
| CVE-2025-61733 | Apache Kylin 安全漏洞 — Apache KylinCWE-288 | 9.8AI | CriticalAI | 2025-10-02 |
| CVE-2025-61734 | Apache Kylin 安全漏洞 — Apache KylinCWE-552 | 9.1AI | CriticalAI | 2025-10-02 |
| CVE-2025-61622 | Apache Fory 安全漏洞 — Apache ForyCWE-502 | 9.8AI | CriticalAI | 2025-10-01 |
| CVE-2025-54831 | Apache Airflow 安全漏洞 — Apache AirflowCWE-213 | 6.5 | - | 2025-09-26 |
| CVE-2025-58457 | Apache ZooKeeper 安全漏洞 — Apache ZooKeeperCWE-280 | 8.8AI | HighAI | 2025-09-24 |
| CVE-2025-48392 | Apache IoTDB 安全漏洞 — Apache IoTDB | 9.8AI | CriticalAI | 2025-09-24 |
| CVE-2025-48459 | Apache IoTDB 安全漏洞 — Apache IoTDBCWE-502 | 9.8AI | CriticalAI | 2025-09-24 |
| CVE-2025-59328 | Apache Fory 代码问题漏洞 — Apache ForyCWE-502 | 7.5AI | HighAI | 2025-09-15 |
| CVE-2025-48208 | Apache HertzBeat 注入漏洞 — Apache HertzBeat (incubating)CWE-90 | 8.8AI | HighAI | 2025-09-09 |
| CVE-2025-24404 | Apache HertzBeat 安全漏洞 — Apache HertzBeat (incubating)CWE-91 | 8.8AI | HighAI | 2025-09-09 |
| CVE-2025-58782 | Apache Jackrabbit Core和Apache Jackrabbit JCR Commons 安全漏洞 — Apache Jackrabbit CoreCWE-502 | 9.8AI | CriticalAI | 2025-09-08 |
| CVE-2024-43166 | Apache DolphinScheduler 安全漏洞 — Apache DolphinSchedulerCWE-276 | 9.8AI | CriticalAI | 2025-09-03 |
| CVE-2024-43115 | Apache DolphinScheduler 安全漏洞 — Apache DolphinSchedulerCWE-20 | 8.8AI | HighAI | 2025-09-03 |
| CVE-2025-26467 | Apache Cassandra 安全漏洞 — Apache CassandraCWE-267 | 8.8 | - | 2025-08-25 |
| CVE-2025-54812 | Apache Log4cxx 安全漏洞 — Apache Log4cxxCWE-117 | 6.1AI | MediumAI | 2025-08-22 |
| CVE-2025-54813 | Apache Log4cxx 安全漏洞 — Apache Log4cxxCWE-117 | 5.3AI | MediumAI | 2025-08-22 |
| CVE-2024-48988 | Apache StreamPark 安全漏洞 — Apache StreamParkCWE-564 | 9.8 | - | 2025-08-22 |
| CVE-2025-54988 | Apache Tika 安全漏洞 — Apache Tika PDF parser moduleCWE-611 | 8.4 | High | 2025-08-20 |
| CVE-2024-39954 | Apache EventMesh 安全漏洞 — Apache EventMesh RuntimeCWE-918 | 9.1 | - | 2025-08-20 |
| CVE-2025-53192 | Apache Commons OGNL 安全漏洞 — Apache Commons OGNLCWE-146 | 9.8 | - | 2025-08-18 |
| CVE-2025-54466 | Apache OFBiz 安全漏洞 — Apache OFBizCWE-94 | 9.8AI | CriticalAI | 2025-08-15 |
本页汇总了 Apache Software Foundation 厂商截至目前公开的全部 1847 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。