VIR Vulnerability Intelligence Relay

Package impact

java MAVEN / org.apache.tomcat:tomcat-catalina

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-43512 critical 9.8 9.8 18d ago Apache Tomcat - Digest authenticator will authenticate any unknown user
CVE-2026-41293 critical 9.8 9.8 18d ago Apache Tomcat - HTTP/2 request headers not validated
CVE-2025-55754 critical 9.6 9.6 11d ago Apache Tomcat Vulnerable to Improper Neutralization of Escape, Meta, or Control Sequences
CVE-2026-43515 critical 9.1 9.1 18d ago Apache Tomcat - Security constraints not correctly applied
CVE-2025-61795 medium 5.3 5.3 7mo ago Apache Tomcat Vulnerable to Improper Resource Shutdown or Release
CVE-2026-43514 low 3.7 3.7 18d ago Apache Tomcat - AJP secret compared in non-constant time
CVE-2024-54677 low 2.5 2y ago Apache Tomcat Uncontrolled Resource Consumption vulnerability