CVE Catalog

CVE-2026-41293

Critical
Published: Translated: NVD NIST

Summary

The vulnerability related to improper input validation in Apache Tomcat may lead to unauthorized access or data manipulation. It affects versions from 11.0.0-M1 to 11.0.21, from 10.1.0-M1 to 10.1.54, from 9.0.0.M1 to 9.0.117, and from 10.0.0-M1 to 10.0.27.

Risk Assessment

Organizations using vulnerable versions of Apache Tomcat may be exposed to attacks that could lead to data disclosure or system integrity breaches. Older, end-of-support versions may also be at risk.

Recommendation

It is recommended to upgrade to version [FIXED_VERSION], which addresses this vulnerability. Regular software updates are crucial for maintaining system security.

Original NVD description (English source)

Improper Input Validation vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 10.0.0-M1 through 10.0.27. Older, end of support versions may also be affected. Users are recommended to upgrade to version [FIXED_VERSION], which fixes the issue.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS