According to its banner, the version of Apache Tika running on the remote host is prior to 3.2.2. It is, therefore, affected by an XML External Entity (XXE) vulnerability via a crafted XFA file inside of a PDF.

Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Oracle Business Process Management Suite installed on the remote host is affected by a vulnerability, as referenced in the January 2026 CPU advisory:

  - Vulnerability in the Oracle Business Process Management Suite product of Oracle Fusion Middleware     (component: Composer (Apache Commons FileUpload)). Supported versions that are affected are 12.2.1.4.0     and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via     HTTP to compromise Oracle Business Process Management Suite. Successful attacks of this vulnerability can     result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle      Business Process Management Suite. (CVE-2025-48976)

  - Vulnerability in the Oracle Business Process Management Suite product of Oracle Fusion Middleware     (component: Runtime Engine (Apache Tika)). Supported versions that are affected are 12.2.1.4.0 and     14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via     HTTP to compromise Oracle Business Process Management Suite. While the vulnerability is in Oracle     Business Process Management Suite, attacks may significantly impact additional products (scope change).     Successful attacks of this vulnerability can result in takeover of Oracle Business Process Management     Suite. (CVE-2025-66516)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers     (1.13-1.28.5) modules on all platforms allows an attacker to carry out XML External Entity injection via a     crafted XFA file inside of a PDF. This CVE covers the same vulnerability as in CVE-2025-54988. However,     this CVE expands the scope of affected packages in two ways. First, while the entrypoint for the     vulnerability was the tika-parser-pdf-module as reported in CVE-2025-54988, the vulnerability and its fix     were in tika-core. Users who upgraded the tika-parser-pdf-module but did not upgrade tika-core to >= 3.2.2     would still be vulnerable. Second, the original report failed to mention that in the 1.x Tika releases,     the PDFParser was in the org.apache.tika:tika-parsers module. (CVE-2025-66516)

Note that Nessus relies on the presence of the package as reported by the vendor.

The version of Oracle Business Process Management Suite installed on the remote host is affected by a vulnerability, as referenced in the January 2026 CPU advisory:

  - Vulnerability in the Oracle Business Process Management Suite product of Oracle Fusion Middleware     (component: Composer (Apache Commons Lang)). The supported version that is affected is 14.1.2.0.0.     Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to     compromise Oracle Business Process Management Suite. Successful attacks of this vulnerability can     result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Business     Process Management Suite. (CVE-2025-48924)

  - Vulnerability in the Oracle Business Process Management Suite product of Oracle Fusion Middleware     (component: Composer (Apache Commons FileUpload)). Supported versions that are affected are 12.2.1.4.0     and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via     HTTP to compromise Oracle Business Process Management Suite. Successful attacks of this vulnerability can     result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle      Business Process Management Suite. (CVE-2025-48976)

  - Vulnerability in the Oracle Business Process Management Suite product of Oracle Fusion Middleware     (component: Oracle Business Rules (Apache Commons Compress)). The supported version that is affected is     14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP     to compromise Oracle Business Process Management Suite. Successful attacks of this vulnerability can     result in takeover of Oracle Business Process Management Suite. (CVE-2025-54988)

  - Vulnerability in the Oracle Business Process Management Suite product of Oracle Fusion Middleware     (component: Runtime Engine (Apache Tika)). Supported versions that are affected are 12.2.1.4.0 and     14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via     HTTP to compromise Oracle Business Process Management Suite. While the vulnerability is in Oracle     Business Process Management Suite, attacks may significantly impact additional products (scope change).     Successful attacks of this vulnerability can result in takeover of Oracle Business Process Management     Suite. (CVE-2025-66516)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The versions of Primavera Unifier installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2026 CPU advisory.

  - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component:
    Integration (Apache Tika)). Supported versions that are affected are 21.12.0-21.12.17, 22.12.0-22.12.15,     23.12.0-23.12.16, 24.12.0-24.12.12 and 25.12.0. Easily exploitable vulnerability allows unauthenticated     attacker with network access via HTTP to compromise Primavera Unifier. While the vulnerability is in     Primavera Unifier, attacks may significantly impact additional products (scope change). Successful attacks     of this vulnerability can result in unauthorized update, insert or delete access to some of Primavera     Unifier accessible data as well as unauthorized read access to a subset of Primavera Unifier accessible     data and unauthorized ability to cause a partial denial of service (partial DOS) of Primavera Unifier.
    (CVE-2025-66516)

  - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Reports     (iTextPDF)). Supported versions that are affected are 21.12.0-21.12.17, 22.12.0-22.12.15,     23.12.0-23.12.16, 24.12.0-24.12.12 and 25.12.0. Easily exploitable vulnerability allows unauthenticated     attacker with network access via HTTPS to compromise Primavera Unifier. Successful attacks of this     vulnerability can result in takeover of Primavera Unifier. (CVE-2021-43113)

  - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component:
    Integration (Spring Framework)). Supported versions that are affected are 22.12.0-22.12.15,     23.12.0-23.12.16, 24.12.0-24.12.12 and 25.12.0. Easily exploitable vulnerability allows unauthenticated     attacker with network access via HTTP to compromise Primavera Unifier. Successful attacks of this     vulnerability can result in unauthorized access to critical data or complete access to all Primavera     Unifier accessible data. (CVE-2025-41242, CVE-2025-41249)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Atlassian Jira Service Management Data Center and Server (Jira Service Desk) running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16477 advisory.

  - Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers     (1.13-1.28.5) modules on all platforms allows an attacker to carry out XML External Entity injection via a     crafted XFA file inside of a PDF. This CVE covers the same vulnerability as in CVE-2025-54988. However,     this CVE expands the scope of affected packages in two ways. First, while the entrypoint for the     vulnerability was the tika-parser-pdf-module as reported in CVE-2025-54988, the vulnerability and its fix     were in tika-core. Users who upgraded the tika-parser-pdf-module but did not upgrade tika-core to >= 3.2.2     would still be vulnerable. Second, the original report failed to mention that in the 1.x Tika releases,     the PDFParser was in the org.apache.tika:tika-parsers module. (CVE-2025-66516)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101788 advisory.

  - Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers     (1.13-1.28.5) modules on all platforms allows an attacker to carry out XML External Entity injection via a     crafted XFA file inside of a PDF. This CVE covers the same vulnerability as in CVE-2025-54988. However,     this CVE expands the scope of affected packages in two ways. First, while the entrypoint for the     vulnerability was the tika-parser-pdf-module as reported in CVE-2025-54988, the vulnerability and its fix     were in tika-core. Users who upgraded the tika-parser-pdf-module but did not upgrade tika-core to >= 3.2.2     would still be vulnerable. Second, the original report failed to mention that in the 1.x Tika releases,     the PDFParser was in the org.apache.tika:tika-parsers module. (CVE-2025-66516)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101872 advisory.

  - Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers     (1.13-1.28.5) modules on all platforms allows an attacker to carry out XML External Entity injection via a     crafted XFA file inside of a PDF. This CVE covers the same vulnerability as in CVE-2025-54988. However,     this CVE expands the scope of affected packages in two ways. First, while the entrypoint for the     vulnerability was the tika-parser-pdf-module as reported in CVE-2025-54988, the vulnerability and its fix     were in tika-core. Users who upgraded the tika-parser-pdf-module but did not upgrade tika-core to >= 3.2.2     would still be vulnerable. Second, the original report failed to mention that in the 1.x Tika releases,     the PDFParser was in the org.apache.tika:tika-parsers module. (CVE-2025-66516)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Apache Tika on the remote host is prior to 3.2.2. It is, therefore, affected by a XXE vulnerability:

  - Critical XXE in Apache Tika tika-core (1.13-3.2.1) allows an attacker to carry out XML External Entity injection     via a crafted XFA file inside of a PDF. This CVE covers the same vulnerability as in CVE-2025-54988. However, this     CVE expands the scope of affected packages in two ways. First, while the entrypoint for the vulnerability was the     tika-parser-pdf-module as reported in CVE-2025-54988, the vulnerability and its fix were in tika-core. Users who     upgraded the tika-parser-pdf-module but did not upgrade tika-core to >= 3.2.2 would still be vulnerable. Second,     the original report failed to mention that in the 1.x Tika releases, the PDFParser was in the     'org.apache.tika:tika-parsers' module. (CVE-2025-66516)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Adobe ColdFusion installed on the remote Windows host is prior to 2023.x update 18 or 2025.x update 6.
It is, therefore, affected by a vulnerability in the bundled Apache Tika dependency that could lead to arbitrary code execution.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Published	Updated	Severity
115073	Apache Tika < 3.2.2 XML External Entity	Web App Scanning	Component Vulnerability	12/11/2025	12/11/2025	critical
294977	Oracle Business Process Management Suite (12.2.1.4.0) (January 2026 CPU)	Nessus	Misc.	1/22/2026	2/4/2026	critical
277526	Linux Distros Unpatched Vulnerability : CVE-2025-66516	Nessus	Misc.	12/4/2025	4/29/2026	critical
294978	Oracle Business Process Management Suite (14.1.2.0.0) (January 2026 CPU)	Nessus	Misc.	1/22/2026	4/30/2026	critical
295029	Oracle Primavera Unifier (January 2026 CPU)	Nessus	CGI abuses	1/22/2026	4/30/2026	critical
282327	Atlassian Jira Service Management Data Center and Server < 10.3.15 / 11.0.x < 11.2.1 (JSDSERVER-16477)	Nessus	Misc.	1/7/2026	2/18/2026	critical
282328	Atlassian Confluence < 8.5.31 / 8.6.x < 9.2.13 / 9.3.x < 10.2.2 (CONFSERVER-101788)	Nessus	CGI abuses	1/7/2026	2/18/2026	critical
298255	Atlassian Confluence 7.19 < 8.5.31 / 8.6.x < 9.2.13 / 9.3.x < 10.2.2 (CONFSERVER-101872)	Nessus	CGI abuses	2/6/2026	2/9/2026	critical
281841	Apache Tika 1.13 < 3.2.2 XXE (CVE-2025-66516)	Nessus	Misc.	1/6/2026	2/18/2026	critical
286269	Adobe ColdFusion < 2023.x < 2023u18 / 2025.x < 2025u6 RCE (APSB26-12)	Nessus	Windows	1/15/2026	4/30/2026	critical

Detections

Analytics

Plugins Search

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical