CVE-2026-41293
EUVD-2026-2951412.05.2026, 16:16
Improper Input Validation vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 10.0.0-M1 through 10.0.27. Older, end of support versions may also be affected. Users are recommended to upgrade to version [FIXED_VERSION], which fixes the issue.Enginsight
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| apache | tomcat | 𝑥 ≤ 11.0.21 | CNA |
| apache | tomcat | 𝑥 ≤ 10.1.54 | CNA |
| apache | tomcat | 9.0.0.M1 ≤ 𝑥 ≤ 9.0.117 | CNA |
| apache | tomcat | 𝑥 ≤ 10.0.27 | CNA |
| apache | tomcat | 8.5.0 ≤ 𝑥 ≤ 8.5.100 | CNA |
Common Weakness Enumeration