CVE-2025-27446 – Apache APISIX(java-plugin-runner) Local Privilege Escalation

CVE ID : CVE-2025-27446

Published : July 6, 2025, 6:15 a.m. | 49 minutes ago

Description : Incorrect Permission Assignment for Critical Resource vulnerability in Apache APISIX(java-plugin-runner).

Local listening file permissions in APISIX plugin runner allow a local attacker to elevate privileges.
This issue affects Apache APISIX(java-plugin-runner): from 0.2.0 through 0.5.0.

Users are recommended to upgrade to version 0.6.0 or higher, which fixes the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

نوشته های مشابه

CVE-2025-7089 – Belkin F9K1122 Web Component Stack-Based Buffer Overflow Vulnerability

CVE-2025-7090 – Belkin Webs Stack-Based Buffer Overflow Vulnerability

CVE-2025-7091 – Belkin Webs Stack-Based Buffer Overflow Vulnerability

CVE-2025-7092 – Belkin F9K1122 Web WPS Enrolee Pin Stack Buffer Overflow