Apache releases security advisory for Tomcat
The Apache Software Foundation has released a security advisory to address the vulnerabilities in multiple versions of Tomcat. A remote attacker could exploit these vulnerabilities (CVE-2026-50229, CVE-2026-53404, CVE-2026-53434, CVE-2026-55276, CVE-2026-55955, CVE-2026-55956, CVE-2026-55957) to trigger elevation of privilege, cross-site scripting and security restriction bypass on the targeted system. Apache fixed vulnerabilities in Apache Tomcat versions 11.0.23, 10.1.56, 9.0.119.
Detailed information on vulnerabilities and updates can be found in Apache’s security advisories – apache.org
03 July 2026