A newly disclosed high-severity vulnerability in Apache NiFi exposes systems to an authorization bypass that could allow lower-privileged users to modify restricted components. Tracked as CVE-2026-25903, the flaw impacts Apache NiFi versions 1.1.0 through 2.7.2 and has been fixed in version 2.8.0. According to the Apache NiFi security advisory, the issue arises from missing authorization checks when updating configuration properties of […] The post Apache NiFi Vulnerability Enables Authorization Bypass appeared first on Cyber Security News.