Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Apache Tomcat Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling) Vulnerability - CVE-2026-24880 - Vulnerability Database
Apache Tomcat

Apache Tomcat Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling) Vulnerability - CVE-2026-24880

High
Reference: CVE-2026-24880
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2026-24880
Title: Apache Tomcat Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling) Vulnerability
Overview:

Inconsistent Interpretation of HTTP Requests (39HTTP Request/Response Smuggling39) vulnerability in Apache Tomcat via invalid chunk extension. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18 from 10.1.0-M1 through 10.1.52 from 9.0.0.M1 through 9.0.115 from 8.5.0 through 8.5.100 from 7.0.0 through 7.0.109. Other unsupported versions may also be affected. Users are recommended to upgrade to version 11.0.20 10.1.52 or 9.0.116 which fix the issue.