According to a recent LinkedIn post from HeroDevs, the company is drawing attention to two newly identified Apache Solr vulnerabilities, CVE-2026-22022 and CVE-2026-22444. The post suggests these issues involve authorization and file access gaps that could expose configuration data, file systems, and credentials, including via unauthenticated exploit paths and misconfigured APIs.
Claim 30% Off TipRanks
- Unlock hedge fund-level data and powerful investing tools for smarter, sharper decisions
- Discover top-performing stock ideas and upgrade to a portfolio of market leaders with Smart Investor Picks
The company’s LinkedIn post highlights that widely used Solr versions may be impacted, creating remediation pressure for enterprises that rely on end-of-life deployments. The post also promotes HeroDevs’ Never-Ending Support offering for Apache Solr and Lucene, which is described as providing patched, drop-in replacements for older versions, potentially positioning the firm to capture demand from organizations delaying complex upgrades.
From an investor perspective, the post implies a growing market opportunity in third-party security and maintenance services for legacy open-source components. If security-conscious enterprises opt for paid support to mitigate these CVEs while deferring full migrations from Solr 8 to 9+, HeroDevs could see incremental revenue growth and strengthened positioning in the application security and DevSecOps ecosystem.
The emphasis on patching end-of-life software rather than forcing immediate upgrades may resonate with large organizations facing lengthy migration timelines. This could differentiate HeroDevs within the niche of long-term support providers for open-source infrastructure, although the post does not disclose pricing, customer adoption metrics, or any quantified financial impact at this stage.