CVE-2026-34486 — Vulnetix

Try Vulnetix Request Demo

CVE-2026-34486 PUBLISHED CVSS 7.5 HIGH

Apache Tomcat: Fix for CVE-2026-29146 allowed bypass of EncryptInterceptor

Risk Scores

CVSS v3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products

Vendor	Product	Versions
Bitnami	tomcat	9.0.116, 10.1.53, 11.0.20

Timeline

Apr 9, 2026 CVE Published
Apr 9, 2026 PoC Published
Apr 10, 2026 PoC Published
Apr 10, 2026 Security Advisory

References

Open in Interactive Console →