| CVE |
Severity |
CVSS |
Risk |
Published |
Description |
Impact |
| CVE-2026-29129 |
high |
— |
8.0 |
2mo ago |
Apache Tomcat: Configured cipher preference order not preserved |
|
| CVE-2020-13934 |
high |
— |
8.0 |
4y ago |
Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat |
|
| CVE-2026-43513 |
high |
7.5 |
7.5 |
16d ago |
Apache Tomcat: LockOutRealm treats user names as case-sensitive |
|
| CVE-2026-41284 |
high |
7.5 |
7.5 |
16d ago |
Apache Tomcat: Unbounded read in WebDAV LOCK and PROPFIND handling |
|
| CVE-2025-55752 |
high |
7.5 |
7.5 |
6mo ago |
Important: tomcat security update |
+2 |
| CVE-2026-42498 |
high |
7.3 |
7.3 |
16d ago |
Apache Tomcat - WebSocket authentication header exposure |
|