Apache Tomcat: Unpatched Servers May Be Hacked

ROOT-APP-MAVEN-CVE-2025-61795
Summary

Apache Tomcat servers may be vulnerable to a security weakness that allows hackers to break in. This issue affects servers using a specific version of Apache Tomcat, and it's recommended to update to a patched version to stay secure.

What to do
  • Update io.root.org.apache.tomcat:tomcat-catalina to version 10.1.13-root.io.9.
  • Update io.root.org.apache.tomcat:tomcat-catalina to version 11.0.6-root.io.4.
Affected software
Vendor | Product | Affected versions | Fix available
 | io.root.org.apache.tomcat:tomcat-catalina | <= 10.1.13-root.io.9 | 10.1.13-root.io.9
 | io.root.org.apache.tomcat:tomcat-catalina | <= 11.0.6-root.io.4 | 11.0.6-root.io.4
Original title
CVE-2025-61795 in io.root.org.apache.tomcat:tomcat-catalina - Patched by Root
Original description
Root has patched CVE-2025-61795 in the io.root.org.apache.tomcat:tomcat-catalina package for Root:Maven. Multiple fixed versions available.
Published: 8 Apr 2026 · Updated: 9 Apr 2026 · First seen: 7 Apr 2026