CVE-2021-30128

Confirmed PUBLISHED

Unsafe deserialization in Apache OFBiz

Apache Software Foundation · Apache OFBiz

Not yet in CISA KEV

Exploited in the wild Active exploitation observed PoC available Virtual patch available

Recommended Action

Prioritize immediate patching and validate internet-facing exposure. Monitor for matching exploitation attempts in your environment.

Confidence
Confirmed
Exploitation Status
Active exploitation observed
Observed in Sensors
Yes
Attempts (30d)
33
Unique Attacker IPs
5
CISA KEV
Not yet in CISA KEV
Virtual Patch
Yes 3 targets
CVSS / EPSS
9.8 Critical EPSS 81.1%

At a Glance

Apache OFBiz has unsafe deserialization prior to 17.12.07 version

apache nuclei_scanner
CVE Published
Apr 27, 2021
Exploitation Reported
Jun 12, 2026
CVSS
9.8 Critical
EPSS
81.1%
Remote Low complexity No user interaction Unauthenticated

Affected Versions

Vendor Product Version Status
Apache Software Foundation
Apache OFBiz

Apache OFBiz to < 17.12.07

Affected

CVE References

Show 5 more references

Recommended Actions

  • Prioritize immediate patching and validate internet-facing exposure. Monitor for matching exploitation attempts in your environment.
  • Review sensor telemetry for request paths, attacker IPs, and payload patterns that may inform detection and exposure validation.
  • Check enrichment artifacts for scanner coverage and available PoCs before rolling remediation validation.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.