Commons beanutils
This hub aggregates every CVE we track for Commons beanutils, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
3
CVEs tracked
0
Critical
3
High
0
In CISA KEV
Severity distribution
HIGH3
Monthly trend
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 3 most recently published vulnerabilities affecting Commons beanutils.
- CVE-2025-48734Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default8.8
- CVE-2019-10086In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all ...7.3
- CVE-2014-0114Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress th...7.5
Product normalization is registry-driven with AI assist and human review. How it works