Critical Vulnerability in Lucee Allows Remote Code Execution

A critical vulnerability in Lucee (CVE-2025-34074) allows remote code execution (RCE) through the abuse of scheduled tasks. A Metasploit module exploiting this vulnerability has been made public. This vulnerability can be exploited to gain unauthorized access and execute malicious code on affected systems. Additionally, Apache components have been targeted by massive attacks.