Apache Parquet exploit tool detect servers vulnerable to critical flaw

A proof-of-concept exploit tool has been publicly released for a maximum severity Apache Parquet vulnerability, tracked as CVE-2025-30065, making it easy to find vulnerable servers. The tool was released by F5 Labs researchers who investigated the vulnerability after finding that multiple existing PoCs were either weak or completely non-functional. The tool serves as proof of CVE-2025-30065's practical exploitability and can also help administrators evaluate their environments and secure servers. Apache Parquet is an open-source, columnar storage format designed for efficient data processing, widely used by big data platforms and organizations engaged in data engineering and analytics. The flaw was first disclosed on April 1, 2025, following an earlier discovery by Amazon researcher Keyi Li. It was categorized as a remote code execution impacting all versions of Apache Parquet up to and including 1.15.0. From a technical perspective, CVE-2025-30065 is a deserialization flaw in the ... Read full article.