Class based , object oriented programming language. Designed to have less dependencies as possible. The syntex of Java is smilier to C and C++. Commonly used for client-server applications. Java files are compiled by JVM (Java Virtual Machine)

Java

### Impact
Anyone using untrusted message components may be affected. On versions >=6.0.0,<6.1.3 of JDA, the requester will attempt to download external media URLs from components if they are used in an update or send request.
If you are used `Message#getComponents` or similar to get a list of components and then send those components with `sendMessageComponents` or other methods, you might unintentionally download media from an external URL in the resolved media of a `Thumbnail`, `FileDisplay`, or `MediaGallery`.
### Patches
This bug has been fixed in 6.1.3, and we recommend updating.
### Workarounds
Avoid sending components from untrusted messages or update to version 6.1.3.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-15104	MEDIUM	6.9	JavaScript	vnu-jar	No	No	Jan 16, 2026
CVE-2026-1002	MEDIUM	6.9	Java	apicurio-registry	No	Yes	Jan 15, 2026
CVE-2025-66169	MEDIUM	5.3	Java	org.apache.camel:camel-neo4j	No	Yes	Jan 14, 2026
CVE-2026-0858	MEDIUM	5.1	Java	net.sourceforge.plantuml:plantuml	No	Yes	Jan 16, 2026
CVE-2026-0976	LOW	3.7	Java	keycloak	No	Yes	Jan 15, 2026

GHSA-93fv-4pm9-xp28:
Java vulnerability analysis and mitigation

Impact

Patches

Workarounds

6.9

Related Java vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

GHSA-93fv-4pm9-xp28: Java vulnerability analysis and mitigation