CVE-2026-53434 | Detection of Error Condition Without Action vulnerability in…

Description

Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from 9.0.83 through 9.0.118. Users are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119, which fixes the issue.

Metadata

CVE ID: CVE-2026-53434
State: PUBLISHED
Assigner: apache
Reserved: 2026-06-09 14:08 UTC
Published: 2026-06-29 20:41 UTC
Last updated: 2026-06-29 22:24 UTC
Primary CWE: CWE-390
CWE-390 Detection of Error Condition Without Action
Vendor / Product: Apache Software Foundation / Apache Tomcat
Sources: cve.org · NVD

Severity & Metrics

No CVSS data available.

Affected products (1)

Vendor	Product	Platform	Versions
Apache Software Foundation	Apache Tomcat	—	11.0.0-M1 ≤ 11.0.22, 10.1.0-M7 ≤ 10.1.55, 9.0.83 ≤ 9.0.118, 0 ≤ 9.0.82

Weakness (CWE)

CWE	Source	Description
CWE-390	cna	CWE-390 Detection of Error Condition Without Action

References (1)

https://lists.apache.org/thread/x510lbq0sfrd1qyo7q3r1mpllgpdcosk