Medium severity6.1NVD Advisory· Published Apr 9, 2026· Updated Apr 14, 2026
CVE-2026-25854
CVE-2026-25854
Description
Occasional URL redirection to untrusted Site ('Open Redirect') vulnerability in Apache Tomcat via the LoadBalancerDrainingValve.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M1 through 10.1.52, from 9.0.0.M23 through 9.0.115, from 8.5.30 through 8.5.100. Other, unsupported versions may also be affected
Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116, which fix the issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.tomcat:tomcat-catalinaMaven | >= 8.5.30, < 9.0.116 | 9.0.116 |
org.apache.tomcat:tomcat-catalinaMaven | >= 10.1.0-M1, < 10.1.53 | 10.1.53 |
org.apache.tomcat:tomcat-catalinaMaven | >= 11.0.0-M1, < 11.0.20 | 11.0.20 |
org.apache.tomcat:tomcatMaven | >= 8.5.30, < 9.0.116 | 9.0.116 |
org.apache.tomcat:tomcatMaven | >= 10.1.0-M1, < 10.1.53 | 10.1.53 |
org.apache.tomcat:tomcatMaven | >= 11.0.0-M1, < 11.0.20 | 11.0.20 |
org.apache.tomcat.embed:tomcat-embed-coreMaven | >= 8.5.30, < 9.0.116 | 9.0.116 |
org.apache.tomcat.embed:tomcat-embed-coreMaven | >= 10.1.0-M1, < 10.1.53 | 10.1.53 |
org.apache.tomcat.embed:tomcat-embed-coreMaven | >= 11.0.0-M1, < 11.0.20 | 11.0.20 |
Affected products
61cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*range: >=9.0.1,<9.0.116
- cpe:2.3:a:apache:tomcat:9.0.0:milestone23:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone24:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone25:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone26:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone27:*:*:*:*:*:*
- osv-coords55 versionspkg:apk/chainguard/camunda-8.8pkg:apk/chainguard/camunda-zeebe-8.6pkg:apk/chainguard/camunda-zeebe-8.7pkg:apk/chainguard/camunda-zeebe-8.8pkg:apk/chainguard/kayenta-2025.0pkg:apk/chainguard/kayenta-2025.1pkg:apk/chainguard/kayenta-2025.2pkg:apk/chainguard/kayenta-2025.4pkg:apk/chainguard/kayenta-2026.0pkg:apk/chainguard/kayenta-fips-2025.0pkg:apk/chainguard/kayenta-fips-2025.1pkg:apk/chainguard/kayenta-fips-2025.2pkg:apk/chainguard/kayenta-fips-2025.4pkg:apk/chainguard/kayenta-fips-2026.0pkg:apk/chainguard/nacospkg:apk/chainguard/nacos-dockerpkg:apk/chainguard/ontoppkg:apk/chainguard/ontop-fipspkg:apk/chainguard/thingsboard-tb-mqtt-transportpkg:apk/chainguard/thingsboard-tb-nodepkg:apk/wolfi/thingsboard-tb-mqtt-transportpkg:apk/wolfi/thingsboard-tb-nodepkg:bitnami/tomcatpkg:maven/org.apache.tomcat.embed/tomcat-embed-corepkg:maven/org.apache.tomcat/tomcatpkg:maven/org.apache.tomcat/tomcat-catalinapkg:rpm/opensuse/tomcat10&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/tomcat10&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/tomcat11&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/tomcat11&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/tomcat&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/tomcat&distro=openSUSE%20Tumbleweedpkg:rpm/suse/tomcat10&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/tomcat10&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/tomcat10&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Web%20and%20Scripting%2015%20SP7pkg:rpm/suse/tomcat10&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/tomcat10&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSSpkg:rpm/suse/tomcat10&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/tomcat10&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6pkg:rpm/suse/tomcat11&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Web%20and%20Scripting%2015%20SP7pkg:rpm/suse/tomcat11&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSSpkg:rpm/suse/tomcat11&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6pkg:rpm/suse/tomcat&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/tomcat&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/tomcat&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/tomcat&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/tomcat&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Web%20and%20Scripting%2015%20SP7pkg:rpm/suse/tomcat&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/tomcat&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/tomcat&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/tomcat&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSSpkg:rpm/suse/tomcat&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/tomcat&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/tomcat&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6pkg:rpm/suse/tomcat&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5
< 8.8.22-r0+ 54 more
- (no CPE)range: < 8.8.22-r0
- (no CPE)range: < 8.6.39-r0
- (no CPE)range: < 8.7.27-r0
- (no CPE)range: < 8.8.22-r0
- (no CPE)range: < 2025.0.8-r11
- (no CPE)range: < 2025.1.6-r9
- (no CPE)range: < 2025.2.4-r5
- (no CPE)range: < 2025.4.3-r6
- (no CPE)range: < 2026.0.2-r6
- (no CPE)range: < 2025.0.8-r13
- (no CPE)range: < 2025.1.6-r10
- (no CPE)range: < 2025.2.4-r6
- (no CPE)range: < 2025.4.3-r7
- (no CPE)range: < 2026.0.2-r7
- (no CPE)range: < 3.2.0-r6
- (no CPE)range: < 3.2.0-r2
- (no CPE)range: < 5.5.0-r8
- (no CPE)range: < 5.5.0-r4
- (no CPE)range: < 4.3.1.1-r11
- (no CPE)range: < 4.3.1.1-r11
- (no CPE)range: < 4.3.1.1-r11
- (no CPE)range: < 4.3.1.1-r11
- (no CPE)range: >= 8.5.30, < 9.0.116
- (no CPE)range: >= 8.5.30, < 9.0.116
- (no CPE)range: >= 8.5.30, < 9.0.116
- (no CPE)range: >= 8.5.30, < 9.0.116
- (no CPE)range: < 10.1.54-160000.1.1
- (no CPE)range: < 10.1.54-1.1
- (no CPE)range: < 11.0.21-160000.1.1
- (no CPE)range: < 11.0.21-1.1
- (no CPE)range: < 9.0.117-160000.1.1
- (no CPE)range: < 9.0.117-1.1
- (no CPE)range: < 10.1.54-150200.5.64.1
- (no CPE)range: < 10.1.54-150200.5.64.1
- (no CPE)range: < 10.1.54-150200.5.64.1
- (no CPE)range: < 10.1.54-150200.5.64.1
- (no CPE)range: < 10.1.54-150200.5.64.1
- (no CPE)range: < 10.1.54-150200.5.64.1
- (no CPE)range: < 10.1.54-150200.5.64.1
- (no CPE)range: < 11.0.21-150600.13.18.1
- (no CPE)range: < 11.0.21-150600.13.18.1
- (no CPE)range: < 11.0.21-150600.13.18.1
- (no CPE)range: < 9.0.117-150200.105.1
- (no CPE)range: < 9.0.117-150200.105.1
- (no CPE)range: < 9.0.117-150200.105.1
- (no CPE)range: < 9.0.117-150200.105.1
- (no CPE)range: < 9.0.117-150200.105.1
- (no CPE)range: < 9.0.117-3.163.2
- (no CPE)range: < 9.0.117-150200.105.1
- (no CPE)range: < 9.0.117-150200.105.1
- (no CPE)range: < 9.0.117-150200.105.1
- (no CPE)range: < 9.0.117-150200.105.1
- (no CPE)range: < 9.0.117-150200.105.1
- (no CPE)range: < 9.0.117-150200.105.1
- (no CPE)range: < 9.0.117-3.163.2
Patches
Vulnerability mechanics
References
4- www.openwall.com/lists/oss-security/2026/04/09/21nvdMailing ListThird Party AdvisoryWEB
- github.com/advisories/GHSA-9m3c-qcxr-9x87ghsaADVISORY
- lists.apache.org/thread/ghct3b6o74bp2vm7q875s1zh0dqrz3h0nvdMailing ListVendor AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2026-25854ghsaADVISORY
News mentions
0No linked articles in our index yet.