Announcements 2026

Skip to: Announcements - 2025

11 January 2026 - CVE-2025-68493: XXE vulnerability in XWork component

The Apache Struts group recommends upgrading to at least Apache Struts version 6.1.1 to mitigate potential security vulnerability.

Please read the Security Bulletin S2-069 to find more details about this security vulnerability

All developers are strongly advised to perform this upgrade.

You can download the latest version from our download page.

Skip to: Announcements - 2025

Next: Kickstart FAQ