Lucene search
+L

1261 matches found

cve
cve
added 2026/07/09 12:0 a.m.6 views

CVE-2026-31267

Mercusys MW302R MW302R(EU)_V1_1.4.10 Build 231023 is affected by a stack-based buffer overflow in the administrative web interface. The flaw permits an authenticated, admin-privileged attacker to crash the system by sending a specially crafted request, yielding denial of service through control-f...

5.7CVSS6.2AI score0.00198EPSS
Exploits0References2
osv
osv
added 2026/07/06 4:18 p.m.6 views

BIT-TOMCAT-2026-55276 Apache Tomcat: Logged effective web.xml is incomplete

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged. This issue affects Apache Tomcat: from 11.0.0 through 11.0.22, from 10.1.0 through 10.1.55, from 9.0.0...

9.1CVSS6AI score0.00368EPSS
Exploits0References3
osv
osv
added 2026/07/06 4:18 p.m.6 views

BIT-TOMCAT-2026-53404 Apache Tomcat: Bad ornext processing in RewriteValve

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0 through 11.0.22, from 10.1.0 through 10.1.55, from 9.0.0...

7.3CVSS5.9AI score0.00413EPSS
Exploits0References3
susecve
susecve
added 2026/07/01 3:15 a.m.6 views

SUSE CVE-2026-55276

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

3.3CVSS6AI score0.00368EPSS
Exploits0References3
nessus
nessus
added 2026/06/30 12:0 a.m.9 views

Apache Tomcat 9.0.0.M1 < 9.0.119 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 9.0.119. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat9.0.119security-9 advisory. - Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles...

9.1CVSS6.1AI score0.02569EPSS
Exploits1References13
snyk
snyk
added 2026/06/29 10:23 p.m.5 views

Always-Incorrect Control Flow Implementation

Overview org.apache.tomcat:tomcat-catalina is a Tomcat Servlet Engine Core Classes and Standard implementations. Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation due to incorrect control flow in the RewriteValve process. An attacker can bypass...

7.3CVSS5.8AI score0.00413EPSS
Exploits0References2
nvd
nvd
added 2026/06/29 9:16 p.m.9 views

CVE-2026-55276

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

9.1CVSS0.00368EPSS
Exploits0References2
nvd
nvd
added 2026/06/29 9:16 p.m.22 views

CVE-2026-53404

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

7.3CVSS0.00413EPSS
Exploits0References2
osv
osv
added 2026/06/29 9:16 p.m.8 views

DEBIAN-CVE-2026-53404

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

7.3CVSS5.7AI score0.00413EPSS
Exploits0References1
osv
osv
added 2026/06/29 9:16 p.m.6 views

UBUNTU-CVE-2026-53404

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

7.3CVSS5.7AI score0.00413EPSS
Exploits0References8
osv
osv
added 2026/06/29 9:16 p.m.6 views

UBUNTU-CVE-2026-55276

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

9.1CVSS5.7AI score0.00368EPSS
Exploits0References10
cvelist
cvelist
added 2026/06/29 8:42 p.m.52 views

CVE-2026-55276 Apache Tomcat: Logged effective web.xml is incomplete

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

0.00368EPSS
Exploits0References1
cve
cve
added 2026/06/29 8:42 p.m.90 views

CVE-2026-55276

Apache Tomcat vulnerability CVE-2026-55276 is a logging-only issue caused by an always-incorrect control flow in the effective web.xml, leading to special roles and empty authorization constraints not being shown. Affected products include Tomcat 8.5.0–8.5.100, 9.0.0.M1–9.0.118, 10.1.0-M1–10.1.55...

9.1CVSS5.7AI score0.00368EPSS
Exploits0References2Affected Software1
osv
osv
added 2026/06/29 8:39 p.m.4 views

CVE-2026-53404 Apache Tomcat: Bad ornext processing in RewriteValve

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

7.3CVSS5.9AI score0.00413EPSS
Exploits0References4
cvelist
cvelist
added 2026/06/29 8:39 p.m.52 views

CVE-2026-53404 Apache Tomcat: Bad ornext processing in RewriteValve

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

0.00413EPSS
Exploits0References1
debiancve
debiancve
added 2026/06/29 8:39 p.m.8 views

CVE-2026-53404

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

7.3CVSS5.7AI score0.00413EPSS
Exploits0
attackerkb
attackerkb
added 2026/06/29 8:39 p.m.5 views

CVE-2026-53404

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

5.7AI score0.00413EPSS
Exploits0References2Affected Software1
redhat
redhat
added 2026/06/29 9:2 a.m.2 views

tomcat: Apache Tomcat: Misleading security logs due to incorrect control flow

A flaw was found in Apache Tomcat. Due to an always-incorrect control flow implementation, special roles and empty authorization constraints were not accurately included when the effective web.xml configuration was logged. This could lead to a security oversight where administrators might...

9.1CVSS6AI score0.00368EPSS
Exploits0References5
redhat
redhat
added 2026/06/29 9:2 a.m.3 views

Apache Tomcat: Apache Tomcat: Incorrect control flow in rewrite valve allows unexpected rule processing

A flaw was found in Apache Tomcat's rewrite valve. This vulnerability involves an incorrect control flow implementation where, during the processing of rewrite rules, if the first condition in an OR chain matched, subsequent non-OR conditions were unexpectedly skipped. This can lead to unintended...

7.3CVSS6.1AI score0.00413EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/06/29 12:0 a.m.11 views

PT-2026-53743

Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 11.0.0-M1 through 11.0.22 Apache Tomcat versions 10.1.0-M1 through 10.1.55 Apache Tomcat versions 9.0.0.M1 through 9.0.118 Apache Tomcat versions 8.5.0 through 8.5.100 Description An always-incorrect control flow...

9.1CVSS5.7AI score0.00368EPSS
Exploits0References46
Rows per page
Query Builder