Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
6.1 MEDIUM
CVE-2026-25854 — Apache Tomcat: Occasionally open redirect

Occasional URL redirection to untrusted Site ('Open Redirect') vulnerability in Apache Tomcat via the LoadBalancerDrainingValve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, fro…

tomcat | Remote | Misconfiguration
Apr 09, 2026 Apr 14, 2026
Apr 09, 2026
Apr 14, 2026
7.5 HIGH
CVE-2026-24880 — Apache Tomcat: Request smuggling via invalid chunk extension

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in Apache Tomcat via invalid chunk extension. This issue affects Apache Tomcat: from 11.0.0-M1 through …

tomcat | Remote | Misconfiguration
Apr 09, 2026 Apr 14, 2026
Apr 09, 2026
Apr 14, 2026
9.8 CRITICAL
CVE-2025-13926 — Contemporary Controls BASC 20T Reliance on Untrusted Inputs in a Security Decision

An attacker could use data obtained by sniffing the network traffic to forge packets in order to make arbitrary requests to Contemporary Controls BASC 20T.

Remote | Authentication
Apr 09, 2026 Apr 13, 2026
Apr 09, 2026
Apr 13, 2026
Showing 20 of 5703 Results