Apache InLong JDBC Vulnerability Enables Deserialization Of Untrusted Data - Cybernoz - Cybersecurity News

Apache InLong CVE-2025-27522 Exposes RCE Attacks

A newly disclosed vulnerability, tracked as CVE-2025-27522, has been discovered in Apache InLong, a widely used real-time data streaming platform. The Apache InLong vulnerability introduces the potential for remote code execution (RCE).  The vulnerability affects Apache InLong versions 1.13.0 through 2.1.0, making a wide range of deployments potentially vulnerable. According to the official Apache security advisory, the flaw results from the des…

Apache InLong JDBC Vulnerability Enables Deserialization Of Untrusted Data - Cybernoz - Cybersecurity News

A moderate-severity vulnerability, tracked as CVE-2025-27522, has been disclosed in Apache InLong, a popular data integration platform. The flaw, affecting versions 1.13.0 through 2.1.0, centers on the deserialization of untrusted data during JDBC (Java Database Connectivity) verification processing. This vulnerability is classified as a secondary mining bypass for the previously reported CVE-2024-26579, indicating that earlier patches were insu…

Apache InLong JDBC Vulnerability Enables Deserialization of Untrusted Data

A moderate-severity vulnerability, tracked as CVE-2025-27522, has been disclosed in Apache InLong, a popular data integration platform. The flaw, affecting versions 1.13.0 through 2.1.0, centers on the deserialization of untrusted data during JDBC (Java Database Connectivity) verification processing. This vulnerability is classified as a secondary mining bypass for the previously reported CVE-2024-26579, indicating that earlier […] The post Apac…