CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20 matches found

CVE-2026-43515

Improper Authorization vulnerability when multiple method constraints define an HTTP method for the same extension in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 8.5.0 through 8.5.100, from...

9.1CVSS5.8AI score0.00095EPSS

Exploits0References1

OSV•added 5 days ago•6 views

USN-8383-1 tomcat6, tomcat7 vulnerabilities

It was discovered that Tomcat incorrectly handled digest authentication. A remote attacker could possibly use this issue to bypass authentication restrictions. CVE-2026-43512 It was discovered that Tomcat incorrectly handled case sensitivity in LockOutRealm. A remote attacker could possibly use...

9.8CVSS5.9AI score0.00139EPSS

Exploits1References4

Ubuntu•added 5 days ago•7 views

USN-8383-1: Tomcat vulnerabilities

9.8CVSS7.6AI score0.00139EPSS

Exploits1

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в tomcat9

Improper authorization vulnerability occurs when multiple method constraints define an HTTP method for the same extension in Apache Tomcat. This issue affects Apache Tomcat: versions 11.0.0-M1 through 11.0.21, 10.1.0-M1 through 10.1.54, 9.0.0.M1 through 9.0.117, 8.5.0 through 8.5.100, and 7.0.0...

9.1CVSS5.8AI score0.00095EPSS

Exploits0References1

OSV•added 2026/05/14 11:56 a.m.•4 views

BIT-TOMCAT-2026-43515 Apache Tomcat: Security constraints not correctly applied

Improper Authorization vulnerability when multiple method constraints define an HTTP method for the same extension in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0 through 11.0.21, from 10.1.0 through 10.1.54, from 9.0.0 through 9.0.117, from 8.5.0 through 8.5.100, from 7.0.0 throu...

9.1CVSS5.8AI score0.00095EPSS

Exploits0References3

SUSE CVE•added 2026/05/13 2:21 p.m.•5 views

SUSE CVE-2026-43515

7.5CVSS5.8AI score0.00095EPSS

Exploits0References3

EUVD•added 2026/05/12 6:30 p.m.•6 views

EUVD-2026-29519

5.8AI score0.00095EPSS

Exploits0References3

Github Security Blog•added 2026/05/12 6:30 p.m.•7 views

Apache Tomcat - Security constraints not correctly applied

Versions Affected: Apache Tomcat 11.0.0-M1 to 11.0.21 Apache Tomcat 10.1.0-M1 to 10.1.54 Apache Tomcat 9.0.0.M1 to 9.0.117 Older, unsupported versions may also be affected Description: When multiple security constraints defined an HTTP method constraint for the same extension pattern, only the...

9.1CVSS5.8AI score0.00095EPSS

Exploits0References10Affected Software3

Snyk•added 2026/05/12 5:22 p.m.•6 views

Improper Authorization

Overview org.apache.tomcat.embed:tomcat-embed-core is a Core Tomcat implementation. Affected versions of this package are vulnerable to Improper Authorization in the processing of security constraints when multiple method constraints define an HTTP method for the same extension. An attacker can...

9.1CVSS5.8AI score0.00095EPSS

Exploits0References2

Snyk•added 2026/05/12 5:22 p.m.•8 views

Improper Authorization

Overview tomcat:catalina is a library that contains Tomcat Servlet Engine Core Classes and Standard implementations. Affected versions of this package are vulnerable to Improper Authorization in the processing of security constraints when multiple method constraints define an HTTP method for the...

9.1CVSS5.8AI score0.00095EPSS

Exploits0References2

Snyk•added 2026/05/12 5:22 p.m.•6 views

Improper Authorization

Overview org.apache.tomcat:catalina is a Servlet Engine Core Classes and Standard implementations. Affected versions of this package are vulnerable to Improper Authorization in the processing of security constraints when multiple method constraints define an HTTP method for the same extension. An...

9.1CVSS5.8AI score0.00095EPSS

Exploits0References2

OSV•added 2026/05/12 4:16 p.m.•0 views

DEBIAN-CVE-2026-43515

9.1CVSS5.8AI score0.00095EPSS

Exploits0References1

NVD•added 2026/05/12 4:16 p.m.•4 views

CVE-2026-43515

9.1CVSS0.00095EPSS

Exploits0References2

OSV•added 2026/05/12 4:16 p.m.•0 views

UBUNTU-CVE-2026-43515

9.1CVSS5.8AI score0.00095EPSS

Exploits0References3

UbuntuCve•added 2026/05/12 4:16 p.m.•7 views

CVE-2026-43515

9.1CVSS5.8AI score0.00095EPSS

Exploits0References1

Cvelist•added 2026/05/12 3:33 p.m.•48 views

CVE-2026-43515 Apache Tomcat: Security constraints not correctly applied

0.00095EPSS

Exploits0References1

Vulnrichment•added 2026/05/12 3:33 p.m.•6 views

CVE-2026-43515 Apache Tomcat: Security constraints not correctly applied

5.8AI score0.00095EPSS

Exploits0References1

CVE•added 2026/05/12 3:33 p.m.•33 views

CVE-2026-43515

The CVE-2026-43515 issue is an Improper Authorization flaw in Apache Tomcat caused by multiple method constraints defining the HTTP method for the same extension. Affected versions include Tomcat 11.0.0-M1–11.0.21, 10.1.0-M1–10.1.54, 9.0.0.M1–9.0.117, 8.5.0–8.5.100, and 7.0.0–7.0.109. Mitigation ...

9.1CVSS5.8AI score0.00095EPSS

Exploits0References2Affected Software1

Debian CVE•added 2026/05/12 3:33 p.m.•4 views

CVE-2026-43515

9.1CVSS5.8AI score0.00095EPSS

Exploits0

Positive Technologies•added 2026/05/12 12:0 a.m.•9 views

PT-2026-40074

Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 11.0.0-M1 through 11.0.21 Apache Tomcat versions 10.1.0-M1 through 10.1.54 Apache Tomcat versions 9.0.0.M1 through 9.0.117 Apache Tomcat versions 8.5.0 through 8.5.100 Apache Tomcat versions 7.0.0 through 7.0.109...

9.8CVSS5.8AI score0.00139EPSS

Exploits1References46

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by