Every CVE whose affected-product data names Apache Commons Vfs, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2025-27553 — CVSS 7.5 (high): Relative Path Traversal vulnerability in Apache Commons VFS before 2.10.0. The FileObject API in Commons VFS has a 'resolveFile' method…
CVE-2025-30474 — CVSS 5.0 (medium): Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Commons VFS. The FtpFileObject class can throw an…