Apache disclosed a Tomcat flaw (CVE-2026-24733) that can bypass access controls via legacy HTTP/0.9 requests under specific configurations.
First seen on esecurityplanet.com
Jump to article: www.esecurityplanet.com/threats/apache-tomcat-vulnerability-circumvents-access-rules/
