CVE-2025-49125 | Apache Tomcat up to 9.0.105/10.1.41/11.0.7 authentication bypass

June 16, 2025 Yanac

A vulnerability, which was classified as critical, was found in Apache Tomcat up to 9.0.105/10.1.41/11.0.7. This affects an unknown part. The manipulation leads to authentication bypass using alternate channel.

This vulnerability is uniquely identified as CVE-2025-49125. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More