CVE-2025-60021

Severity CVSS v4.0:

Pending analysis

Type:

CWE-77 Command Injection

Publication date:

16/01/2026

Last modified:

16/01/2026

Description

Remote command injection vulnerability in heap profiler builtin service in Apache bRPC ((all versions

Impact

References to Advisories, Solutions, and Tools

https://lists.apache.org/thread/xy51d2fx6drzhfp92xptsx5845q7b37m