CVE-2026-41293

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 11.0.0-M1 through 11.0.21 Apache Tomcat versions 10.1.0-M1 through 10.1.54 Apache Tomcat versions 9.0.0.M1 through 9.0.117 Apache Tomcat versions 10.0.0-M1 through 10.0.27

Description Improper Input Validation occurs in Apache Tomcat, which can lead to security issues when the software fails to properly validate input data.

Recommendations Upgrade to version [FIXED VERSION].

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BIT-TOMCAT-2026-41293

CVE-2026-41293

GHSA-R29C-68GH-XP6X

OESA-2026-2296

OPENSUSE-SU-2026:10925-1

OPENSUSE-SU-2026:10926-1

OPENSUSE-SU-2026:10927-1

Affected Products

Apache Tomcat

CVE-2026-41293

Weakness Enumeration

Related Identifiers

Affected Products

References · 42