Lucene search
K

CVE-2026-24880

🗓️ 09 Apr 2026 19:12:10Reported by Debian Security Bug TrackerType 
debiancve
 debiancve
🔗 security-tracker.debian.org👁 4 Views

Tomcat HTTP request smuggling via invalid chunk extension; affects multiple versions and upgrade to safe releases.

Related
Packages
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin: Multiple Vulnerabilities in IBM DataStax Enterprise
27 May 202617:14
ibm
IBM Security Bulletins
Security Bulletin: Vulnerabilities in Apache Tomcat Server library (CVE-2026-41293, CVE-2026-24880) affect Power HMC.
1 Jul 202616:49
ibm
IBM Security Bulletins
Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in tomcat-embed-core-11.0.18.jar
13 May 202616:45
ibm
IBM Security Bulletins
Security Bulletin: IBM Integration Bus for z/OS is vulnerable to multiple vulnerabilities due to Apache Tomcat
14 May 202614:09
ibm
IBM Security Bulletins
Security Bulletin: Vulnerabilities in Apache Tomcat and Lodash might affect IBM Storage Defender Copy Data Management
4 May 202616:20
ibm
IBM Security Bulletins
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple issues in tomcat-embed-core [CVE-2026-24880, CVE-2026-25854, CVE-2026-29129, CVE-2026-29145, CVE-2026-29146, CVE-2026-32990, CVE-2026-34483, CVE-2026-34487, CVE-2026-3450]
18 Jun 202619:57
ibm
IBM Security Bulletins
Security Bulletin: IBM Quantum Safe Explorer is affected by multiple vulnerabilites
6 Jul 202610:01
ibm
IBM Security Bulletins
Security Bulletin: Vulnerabilities in Spring, Tomcat, Netty, Picomatch might affect IBM Storage Protect Plus
25 Jun 202618:37
ibm
IBM Security Bulletins
Security Bulletin: IBM DevOps Deploy / UrbanCode Deploy (UCD) is affected by a HTTP Request/Response Smuggling vulnerablity in Apache Tomcat (CVE-2026-24880)
19 Jun 202614:43
ibm
IBM Security Bulletins
Security Bulletin: The Apache Tomcat application server that is shipped with IBM ApplinX is vulnerable to multiple vulnerabilities.
16 Jun 202617:54
ibm
Rows per page
OSOS VersionArchitecturePackagePackage VersionFilename
Debian14anytomcat1010.1.54-1tomcat10_10.1.54-1_any.deb
Debian999anytomcat1010.1.54-1tomcat10_10.1.54-1_any.deb
Debian12anytomcat1010.1.55-1~deb12u1tomcat10_10.1.55-1~deb12u1_any.deb
Debian13anytomcat1010.1.55-1~deb13u1tomcat10_10.1.55-1~deb13u1_any.deb
Debian14anytomcat1111.0.21-1tomcat11_11.0.21-1_any.deb
Debian999anytomcat1111.0.21-1tomcat11_11.0.21-1_any.deb
Debian13anytomcat1111.0.22-1~deb13u1tomcat11_11.0.22-1~deb13u1_any.deb
Debian11anytomcat99.0.118-0+deb11u1tomcat9_9.0.118-0+deb11u1_any.deb
Debian12anytomcat99.0.70-2tomcat9_9.0.70-2_any.deb
Debian13anytomcat99.0.70-2tomcat9_9.0.70-2_any.deb
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

09 Apr 2026 19:12Current
5.2Medium risk
Vulners AI Score5.2
CVSS 3.17.5
EPSS0.00453
SSVC
4