Wso2 Org Apache Synapse Synapse Extensions
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Wso2 Org Apache Synapse Synapse Extensions.
By the Year
In 2026 there have been 0 vulnerabilities in Wso2 Org Apache Synapse Synapse Extensions. Last year, in 2025 Org Apache Synapse Synapse Extensions had 1 security vulnerability published. Right now, Org Apache Synapse Synapse Extensions is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 1 | 8.40 |
It may take a day or so for new Org Apache Synapse Synapse Extensions vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Wso2 Org Apache Synapse Synapse Extensions Security Vulnerabilities
Arbitrary Code Exec via Unrestricted GraalJS/NashornJS in WSO2 Integrators
CVE-2025-11093
8.4 - High
- November 05, 2025
An arbitrary code execution vulnerability exists in multiple WSO2 products due to insufficient restrictions in the GraalJS and NashornJS Script Mediator engines. Authenticated users with elevated privileges can execute arbitrary code within the integration runtime environment. By default, access to these scripting engines is limited to administrators in WSO2 Micro Integrator and WSO2 Enterprise Integrator, while in WSO2 API Manager, access extends to both administrators and API creators. This may allow trusted-but-privileged users to perform unauthorized actions or compromise the execution environment.
Code Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Wso2 Org Apache Synapse Synapse Extensions or by Wso2? Click the Watch button to subscribe.
