Critical gap closed with maximum rating in Apache Parquet If big data systems rely on the Apache Parquet open source file format for data processing, attacks may be imminent.

Apache Parquet, a columnar storage file format, was carrying a maximum-severity vulnerability that allowed threat actors to run arbitrary code on affected endpoints.

A maximum severity remote code execution (RCE) vulnerability has been discovered impacting all versions of Apache Parquet up to and including 1.15.0.

A flaw in code for handling Parquet, Apache’s open-source columnar data file format, allows attackers to run arbitrary code on vulnerable instances. The vulnerability, tracked as CVE-2025-30065 ...