BIT-TOMCAT-2026-55957 Apache Tomcat: Authentication bypass with JNDIRealm and GSSAPI authenticated bind
Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI allowed attackers to authenticate without provided the correct password. This issue affects Apache Tomcat: from 11.0.0 through 11.0.4, from 10.1.0 through...