A remote code execution (RCE) flaw rated with the highest severity has been uncovered in Apache Parquet, a common data storage format used in large-scale analytics environments, reported by BleepingComputer. The vulnerability, identified as CVE-2025-30065, affects all versions up to 1.15.0 and could be exploited to compromise systems that import malicious Parquet files., major platforms including AWS, Google Cloud, Microsoft Azure, and Hadoop could be at risk due to their reliance on Parquet in data processing pipelines.
The flaw stems from how Parquet handles schema parsing, specifically its deserialization of untrusted data. This creates an opening for attackers to execute arbitrary code on vulnerable systems. If triggered, the vulnerability could enable system access, data tampering, service outages, or even ransomware deployment. Apache has addressed the issue with the release of version 1.15.1. Endor Labs, which analyzed the vulnerability, warns that the risk is significant but not automatic—it depends on the ingestion of a malicious file.
Apache Parquet is a columnar storage format optimized for performance in analytical workflows. It is integral to many cloud-based and enterprise data systems and is commonly used in data lakes and ETL processes. Companies such as Netflix, LinkedIn, and Airbnb rely on it for scalable data operations. The security flaw, discovered by an Amazon researcher, was disclosed responsibly on April 1, 2025, and highlights the importance of vigilance in managing dependencies within complex data ecosystems.
For organizations unable to upgrade immediately, recommended precautions include avoiding untrusted Parquet sources, enhancing file validation protocols, and increasing system monitoring. While exploitation requires specific conditions, the potential impact across the big data landscape is serious enough to warrant swift action.
