Every CVE whose affected-product data names Apache Lucene.net, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2026-47898 — CVSS 9.8 (critical): Improper Restriction of XML External Entity Reference vulnerability in Apache Lucene.Net (Lucene.Net.Analysis.Common library). This issue…
CVE-2024-43383 — CVSS 8.0 (high): Deserialization of Untrusted Data vulnerability in Apache Lucene.Net.Replicator. This issue affects Apache Lucene.NET's Replicator library…
CVE-2026-47896 — CVSS 7.5 (high): Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache Lucene.Net (Lucene.Net.Replicator…
CVE-2026-47897 — CVSS 7.5 (high): Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache Lucene.Net (Lucene.Net.Replicator…