Hello Tika Team,
Below link has info about the BC-JAVA related CVEs and list are
CVE-2025-14813 Affected version 1.59 up to but excluding 1.84
CVE-2026-0636 Affected version BC-JAVA bcprov modules between versions 1.74 and 1.83
CVE-2026-3505 affecting versions from 1.74 up to (but not including) 1.84
CVE-2026-5588 affects BC-JAVA: from 1.67 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84; BCPKIX-FIPS: from 2.0.6 before 2.0.11, from 2.1.7 before 2.1.11; BCPIX-LTS: from 2.73.7 before 2.73.11.
Kindly provide your analysis on listed CVEs in Tika 3.x latest stream and any plan to fix in the Tika 4.x stream. If it is impacted kindly share the modules that affect.
Thanks in advance.
Regards,
Saravanan B
