THREAT OPS › Threat News › [NVD] CVE-2026-24734 (HIGH 7.5) — Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat.
When using an OCSP responder, Tomcat Native (and Tomcat's FFM port of the Tomcat Native code) did not complete verification or freshness checks on the OCSP response which could allow certificate revo
[NVD] CVE-2026-24734 (HIGH 7.5) — Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native (and Tomcat's FFM port of the Tomcat Native code) did not complete verification or freshness checks on the OCSP response which could allow certificate revo
CVE-2026-24734 CVSS: 7.5 HIGH Published: 2026-02-17T19:21:56.953
Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat.
When using an OCSP responder, Tomcat Native (and Tomcat's FFM port of the Tomcat Native code) did not complete verification or freshness checks on the OCSP response which could allow certificate revocation to be bypassed.
This issue affects Apache Tomc
Indicators of compromise
- CVE-2026-24734cve
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-24734