Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsStudyTraining
ProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Study
Training
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1310+ Articles
157+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
All tags
8 articles

#Java

All CosmicBytez Labs articles tagged #Java, across news, security advisories, how-to guides, and projects.

  • SecurityMay 20, 2026

    GlassFish Administration Console Authenticated RCE

    An authenticated Remote Code Execution vulnerability in GlassFish's Administration Console (CVSS 9.1) allows users with panel access to execute arbitrary...

  • SecurityMay 20, 2026

    GlassFish Gadget Handler Expression Language RCE

    A critical CVSS 9.6 Remote Code Execution vulnerability in GlassFish's server-side gadget handler allows attackers to inject Expression Language...

  • SecurityMay 2, 2026

    CVE-2026-42779: Critical Apache MINA Deserialization Class

    An incomplete fix for CVE-2026-41635 leaves Apache MINA 2.1.x and 2.2.x branches exposed to a critical deserialization bypass via...

  • SecurityMay 1, 2026

    Apache MINA Incomplete Deserialization Patch Leaves 2.1.X

    Apache MINA versions 2.1.X and 2.2.X remain vulnerable to unauthenticated remote code execution because the fix for CVE-2026-41409 was never backported,...

  • SecurityApr 28, 2026

    CVE-2026-40860: Apache Camel JMS Unsafe ObjectMessage

    Apache Camel's JmsBinding class in camel-jms and camel-sjms deserializes incoming JMS ObjectMessage payloads via javax.jms.ObjectMessage.getObject()...

  • SecurityApr 28, 2026

    CVE-2026-41635: Apache MINA Class Allowlist Bypass Enables

    Apache MINA's AbstractIoBuffer.resolveClass() contains a branch for static classes and primitive types that skips allowlist validation entirely, letting...

  • SecurityApr 22, 2026

    CVE-2026-22753: Spring Security Filter Chain Bypass via

    A high-severity flaw in Spring Security allows security filter chains to silently fail to match requests when PathPatternRequestMatcher.Builder is used to...

  • SecurityFeb 6, 2026

    Apache Struts Critical RCE via OGNL Injection Returns

    A new critical OGNL injection vulnerability in Apache Struts allows unauthenticated remote code execution, reminiscent of the 2017 Equifax breach vector....