Home/Tag/Xxe

Xxe

4 articles tagged with "Xxe"

Vulnerabilities3 min read

Cisco ISE XXE Flaw Has Public PoC, Patch Now

Cisco patches CVE-2026-20029, an XML external entity vulnerability in Identity Services Engine with proof-of-concept exploit code already publicly available.

Marcus ChenJan 31, 2026

Vulnerabilities3 min read

Apache Struts XXE Flaw Exposes Enterprise Apps to Data Theft

CVE-2025-68493 in the XWork component enables XML External Entity attacks that can leak files, perform SSRF, or crash systems. Patch to version 6.1.1.

Marcus ChenJan 19, 2026

Vulnerabilities3 min read

Cisco Patches ISE Flaw After Public PoC Exploit Emerges

CVE-2026-20029 lets authenticated admins read restricted system files through XML parsing weakness. Trend Micro ZDI researcher found the bug; no workarounds available.

Marcus ChenJan 11, 2026

Vulnerabilities4 min read

Maximum Severity Apache Tika Flaw Threatens Document Pipelines

CVE-2025-66516 is a CVSS 10.0 XXE injection vulnerability in Apache Tika affecting Solr, Elasticsearch, and countless document processing systems.

Marcus ChenDec 16, 2025