Cybersecuritynews
Apache NiFi Vulnerability CVE-2026-25903 Allows Authorization Bypass
First seen 17 Feb 2026, 09:11 UTC
•
•90% similarity
•45.9
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
A high-severity vulnerability in Apache NiFi, tracked as CVE-2026-25903, has been disclosed, allowing lower-privileged users to modify restricted components. This flaw affects Apache NiFi versions 1.1.0 through 2.7.2 and has been addressed in version 2.8.0. Users are urged to upgrade to mitigate potential security risks.
ThreatCluster AI
Timeline
2026-02-16
CVE-2026-25903 disclosed
2026-02-17
Apache NiFi users urged to upgrade due to vulnerability
2026-02-17
Patch released in version 2.8.0