Recently Disclosed Apache Tomcat Security Flaw Actively Exploited Within 30 Hours

A recently disclosed security vulnerability affecting Apache Tomcat has been actively exploited in the wild just 30 hours after its public disclosure, following the release of a proof-of-concept (PoC). The vulnerability, listed under the number CVE-2025-24813, affects the following versions: Apache Tomcat 11.0.0-M1 to 11.0.2, Apache Tomcat 10.1.0-M1 to 10.1.34, and Apache Tomcat 9.0.0-M1 to 9.0.98. This flaw was quickly exploited after the PoC was published, highlighting the need to update vulnerable systems.