BIT-TOMCAT-2026-34500 Apache Tomcat: OCSP checks sometimes soft-fail with FFM even when soft-fail is disabled

CLIENTCERT authentication does not fail as expected for some scenarios when soft fail is disabled and FFM is used in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0 through 11.0.20, from 10.1.22 through 10.1.53, from 9.0.92 through 9.0.116. Users are recommended to upgrade to version...

EUVD-2026-21010

Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through 11.0.18, from 10.1.51 through 10.1.52, from 9.0.114 through 9.0.115. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116, which fix the issue...

PT-2024-19394 · Nextcloud · Nextcloud Files Zip App

Name of the Vulnerable Software and Affected Versions: Nextcloud files Zip app versions prior to 1.2.1 Nextcloud files Zip app versions prior to 1.4.1 Nextcloud files Zip app versions prior to 1.5.0 Description: The Nextcloud files Zip app is a tool to create zip archives from one or multiple fil...

CVE (2023-34298) Ivanti Secure Access Client Local Privilege Escalation

Summary A logged in Windows user can leverage functionality of the Pulse Secure / Ivanti Secure Access Client or Pulse Secure Installer Service to carry out a privilege escalation on the user machine. Mitigation None Currently Related Links https://forums.ivanti.com/s/article/New-Client-Side...