- What: Security update for tomcat9 in Red Hat Enterprise Linux 10
- Impact: The Tomcat Java web server is affected by three security vulnerabilities; the update is rated Important
Red Hat Product Errata
RHSA-2026:18536 - Security Advisory
Issued: 2026-05-19
Updated: 2026-05-19

Synopsis
Important: tomcat9 security update

Type/Severity
Security Advisory: Important

Topic
An update for tomcat9 is now available for Red Hat Enterprise Linux 10.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world.

Security Fix(es):
- tomcat: Apache Tomcat: Security constraint bypass for CGI scripts (CVE-2025-46701)
- org.apache.tomcat/tomcat-catalina: tomcat: Apache Tomcat: session fixation via rewrite valve (CVE-2025-55668)
- org.apache.tomcat/tomcat-juli: tomcat: Apache Tomcat: console manipulation (CVE-2025-55754)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 10 Release Notes linked from the References section.

Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258

Affected Products
- Red Hat Enterprise Linux for x86_64 10 x86_64
- Red Hat Enterprise Linux for IBM z Systems 10 s390x
- Red Hat Enterprise Linux for Power, little endian 10 ppc64le
- Red Hat Enterprise Linux for ARM 64 10 aarch64

Fixes
- BZ - 2369253 - CVE-2025-46701 tomcat: Apache Tomcat: Security constraint bypass for CGI scripts
- BZ - 2388226 - CVE-2025-55668 org.apache.tomcat/tomcat-catalina: tomcat: Apache Tomcat: session fixation via rewrite valve
- BZ - 2406590 - CVE-2025-55754 org.apache.tomcat/tomcat-juli: tomcat: Apache Tomcat: console manipulation
- RHEL-148687 - Rebase tomcat9 package to enable PQC features
- RHEL-158962 - NPE in tomcat9 when used with TLS enabled custom connector

CVEs
- CVE-2025-46701
- CVE-2025-55668
- CVE-2025-55754

References
- https://access.redhat.com/security/updates/classification/#important
- https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10/html/10.2_release_notes/index

Updated Packages
The same source and binary packages are listed for each of the four affected products (Red Hat Enterprise Linux for x86_64 10, for IBM z Systems 10, for Power, little endian 10, and for ARM 64 10).

SRPM
- tomcat9-9.0.110-2.el10_2.src.rpm

x86_64, s390x, ppc64le, aarch64
- tomcat9-9.0.110-2.el10_2.noarch.rpm
- tomcat9-admin-webapps-9.0.110-2.el10_2.noarch.rpm
- tomcat9-docs-webapp-9.0.110-2.el10_2.noarch.rpm
- tomcat9-el-3.0-api-9.0.110-2.el10_2.noarch.rpm
- tomcat9-jsp-2.3-api-9.0.110-2.el10_2.noarch.rpm
- tomcat9-lib-9.0.110-2.el10_2.noarch.rpm
- tomcat9-servlet-4.0-api-9.0.110-2.el10_2.noarch.rpm
- tomcat9-webapps-9.0.110-2.el10_2.noarch.rpm

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.