THREATOPS
THREAT OPSThreat News › [NVD] CVE-2026-24734 (HIGH 7.5) — Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native (and Tomcat's FFM port of the Tomcat Native code) did not complete verification or freshness checks on the OCSP response which could allow certificate revo

[NVD] CVE-2026-24734 (HIGH 7.5) — Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native (and Tomcat's FFM port of the Tomcat Native code) did not complete verification or freshness checks on the OCSP response which could allow certificate revo

lownvdPublished 2026-02-17

CVE-2026-24734 CVSS: 7.5 HIGH Published: 2026-02-17T19:21:56.953

Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat.

When using an OCSP responder, Tomcat Native (and Tomcat's FFM port of the Tomcat Native code) did not complete verification or freshness checks on the OCSP response which could allow certificate revocation to be bypassed.

This issue affects Apache Tomc

Indicators of compromise

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-24734