Strobes Advisory
Vulnerability disclosures from our security research team
High
8.1
Reported
Apache Solr Path Traversal and XXE Attack Chain
Apache Solr
A chain of path traversal via replication and XXE via XSLT allows authenticated users to read sensitive Solr configuration files including security.json with password hashes.
Strobes Security Research
January 28, 2026
Medium
6.5
CVE Pending
Apache Solr Streaming Daemon Privilege Escalation
Apache Solr
Users with only read permission can create unlimited persistent daemon processes via the Streaming Expressions endpoint, leading to resource exhaustion and denial of service.
Strobes Security Research
January 28, 2026
High
7.5
Reported
Apache Solr JavaBin OOM Denial of Service
Apache Solr
A 7-byte JavaBin payload causes Apache Solr to attempt a 2GB memory allocation, resulting in OutOfMemoryError and complete server crash. Authenticated users with update permission can exploit this.
Strobes Security Research
January 28, 2026