CRITICAL ALERT: Apache Tika XXE Flaw (CVSS 10.0) Allows File Read via PDF Files
On 4 December 2025, the Apache Software Foundation disclosed a critical vulnerability — CVE-2025-66516, rated the maximum CVSS 10.0 — in the Apache Tika library. Because Tika underpins search engines, ECM platforms, DLP systems,...
