CVE-2025-68493
mediumEPSS Score
23.1%
Exploitation probability in 30 days
Top 3% most likely to be exploited
Published: January 11, 2026 (180 days ago)
Last Modified: June 30, 2026
Vendor: Apache
Source: MITRE
Vulnerability Report
Generated by CyberWatcher
Description
Missing XML Validation vulnerability in Apache Struts, Apache Struts.
This issue affects Apache Struts: from 2.0.0 before 2.2.1; Apache Struts: from 2.2.1 through 6.1.0.
Users are recommended to upgrade to version 6.1.1, which fixes the issue.
CWE
CWE-611Affected Products
Apache Software Foundation Apache Struts