AI description
CVE-2025-59059 is identified as a vulnerability within the Networking component of Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition. Affected versions include Oracle Java SE: 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7, and 24.0.1; and Oracle GraalVM Enterprise Edition: 21.3.14. This vulnerability can be exploited by an unauthenticated attacker with network access using multiple protocols to compromise the affected Oracle Java products. Successful exploitation may result in unauthorized access to critical data or complete access to all data accessible by Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition. This vulnerability primarily impacts Java deployments, such as clients running sandboxed Java Web Start applications or applets, that load and execute untrusted code and rely on the Java sandbox for security.
- Description
- Remote Code Execution Vulnerability in NashornScriptEngineCreator is reported in Apache Ranger versions <= 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue.
- Source
- security@apache.org
- NVD status
- Analyzed
- Products
- ranger
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- security@apache.org
- CWE-94
- Hype score
- Not currently trending
CVE-2025-59060: Apache Ranger: Hostname verification bypass in NiFiRegistryClient and NifiClient https://t.co/hCdHrz5KcI CVE-2025-59059: Apache Ranger: Remote Code Execution Vulnerability in NashornScriptEngineCreator https://t.co/VU24BoIYUe Both are "Severity: low"
@oss_security
8 Mar 2026
584 Impressions
0 Retweets
5 Likes
2 Bookmarks
0 Replies
0 Quotes
🔴 CVE-2025-59059 - Critical Remote Code Execution Vulnerability in NashornScriptEngineCreator is reported in Apache Ranger versions &lt;= 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this is... https://t.co/rFIo7eHsRB https://t.co/I4QyDThGOr
@TheHackerWire
3 Mar 2026
91 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 CVE-2025-59059 - Critical Remote Code Execution Vulnerability in NashornScriptEngineCreator is reported in Apache Ranger versions &lt;= 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this is... https://t.co/rFIo7eHsRB https://t.co/rBTAygaU2L
@TheHackerWire
3 Mar 2026
87 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 CVE-2025-59059 - Critical Remote Code Execution Vulnerability in NashornScriptEngineCreator is reported in Apache Ranger versions &lt;= 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this is... https://t.co/rFIo7eHsRB https://t.co/wWOezypHQG
@TheHackerWire
3 Mar 2026
86 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨*CVE* CVE-2025-59059 Remote Code Execution Vulnerability in NashornScriptEngineCreator is reported in Apache Ranger versions <= 2.7.0. Users are recommended to upgrade to version 2.8.0, w… https://t.co/1oZViDdeTf ----- Traducción: CVE-2025-59059 Vul… https://t.co/utm
@infoflowcloud
3 Mar 2026
82 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-59059 Remote Code Execution Vulnerability in NashornScriptEngineCreator is reported in Apache Ranger versions <= 2.7.0. Users are recommended to upgrade to version 2.8.0, w… https://t.co/GuOzCWdCmT
@CVEnew
3 Mar 2026
435 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-59059 CVE-2025-59059 https://t.co/gqdGrPA1dG
@VulmonFeeds
3 Mar 2026
77 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:ranger:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84DF6259-5A5F-453F-B618-EDEE707BBEF5",
"versionEndExcluding": "2.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]