Apache
Security Scorecard
Score
18F
Total CVEs
943
Patch Rate
0%
2 patched
Avg Response
-
days to patch
Critical Gaps
21
exploitable, no detection
Severity Breakdown
Critical4
High19
Medium67
Low0
Patch Status
Patched2 (0%)
Partial/Workaround5 (1%)
Unpatched936 (99%)
CVEs (949)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-26866 | Hugegraph Raft Node Exploit | HIGH | 8.8 | 1d | Unpatched |
| CVE-2025-58130 | Apache Fineract Insufficiently Protected Credentials | CRITICAL | 9.1 | 1d | Unpatched |
| CVE-2025-58137 | Apache Fineract Bypass | HIGH | 8.1 | 1d | Unpatched |
| CVE-2025-54981 | StreamPark Encryption Vulnerability | HIGH | 7.5 | 1d | Unpatched |
| CVE-2025-53960 | Apache StreamPark Encryption Key Weakness | MEDIUM | 5.9 | 1d | Unpatched |
| CVE-2025-23408 | Apache Fineract Weak Password Requirements Vulnerability | MEDIUM | 6.5 | 4d | Unpatched |
| CVE-2025-55753 | Apache HTTP Server ACME Backoff Timer Exploit | HIGH | 7.5 | - | Partial |
| CVE-2025-65082 | Apache HTTP Server Vulnerability | MEDIUM | 6.5 | - | Partial |
| CVE-2025-66200 | Apache HTTPD Vulnerability | MEDIUM | 5.4 | - | Partial |
| CVE-2025-66516 | Apache Tika XXE Vulnerability | CRITICAL | 9.8 | 14d | Unpatched |