CVE-2026-41284

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 11.0.0-M1 through 11.0.21 Apache Tomcat versions 10.1.0-M1 through 10.1.54 Apache Tomcat versions 9.0.0.M1 through 9.0.117

Description An issue exists involving the allocation of resources without limits or throttling.

Recommendations Upgrade to the fixed version for the affected versions of Apache Tomcat.

Fix

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770

Related Identifiers

BIT-TOMCAT-2026-41284

CVE-2026-41284

GHSA-GX5V-XP9W-J4CG

OESA-2026-2296

OPENSUSE-SU-2026:10925-1

OPENSUSE-SU-2026:10926-1

OPENSUSE-SU-2026:10927-1

Affected Products

Apache Tomcat

CVE-2026-41284

Weakness Enumeration

Related Identifiers

Affected Products

References · 35