Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Snyk
Snykadded 2026/04/09 9:31 p.m.2 views

Improper Certificate Validation

Overview org.apache.tomcat:tomcat-coyote is a Tomcat Connectors and HTTP parser. Affected versions of this package are vulnerable to Improper Certificate Validation in getSSLHostConfig, which does not sufficiently account for all protocol host name inputs. An attacker can access sensitive...

9.1CVSS5.8AI score0.00208EPSS
Exploits0References2
OSV
OSVadded 2026/04/09 8:16 p.m.4 views

UBUNTU-CVE-2026-34486

Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor. This issue affects Apache Tomcat: 11.0.20, 10.1.53, 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117, which fix the...

7.5CVSS5.8AI score0.02218EPSS
Exploits5References3
ATTACKERKB
ATTACKERKBadded 2026/04/09 7:13 p.m.5 views

CVE-2026-25854

Occasional URL redirection to untrusted Site 'Open Redirect' vulnerability in Apache Tomcat via the LoadBalancerDrainingValve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M1 through 10.1.52, from 9.0.0.M23 through 9.0.115, from 8.5.30 through 8.5.100. Other,...

5.8AI score0.00033EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2026/04/09 7:13 p.m.11 views

CVE-2026-25854

Summary (CVE-2026-25854) : An occasional open redirect vulnerability in Apache Tomcat arises via the LoadBalancerDrainingValve. Affected releases include Tomcat 11.0.0-M1 through 11.0.18, 10.1.0-M1 through 10.1.52, 9.0.0.M23 through 9.0.115, and 8.5.30 through 8.5.100; other unsupported versions ...

6.1CVSS5.8AI score0.00033EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/09 7:13 p.m.2 views

CVE-2026-25854 Apache Tomcat: Occasionally open redirect

Occasional URL redirection to untrusted Site 'Open Redirect' vulnerability in Apache Tomcat via the LoadBalancerDrainingValve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M1 through 10.1.52, from 9.0.0.M23 through 9.0.115, from 8.5.30 through 8.5.100. Other,...

5.8AI score0.00033EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/04/09 12:0 a.m.3 views

PT-2026-31697

Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 11.0.0-M1 through 11.0.18, 10.1.0-M1 through 10.1.52, 9.0.0.M23 through 9.0.115, and 8.5.30 through 8.5.100. Description An open redirect issue exists in Apache Tomcat due to a flaw in the LoadBalancerDrainingValve. This...

7.5CVSS5.8AI score0.12919EPSS
Exploits6References59
OpenVAS
OpenVASadded 2023/10/19 12:0 a.m.12 views

Oracle Java SE Security Update (oct2023) 03 - Linux

Oracle Java SE is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6AI score0.00098EPSS
Exploits0References1
OpenVAS
OpenVASadded 2018/02/20 12:0 a.m.299 views

Kentico CMS 9.x <= 11.0.20 XSS Vulnerability

Kentico CMS is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:kentico:kentico...

4.8CVSS4.9AI score0.00157EPSS
Exploits3References1
Rows per page
Query Builder