Update: Apache Tomcat Flaw Exploited in the Wild, PoC Released
A critical remote code execution (RCE) vulnerability, CVE-2025-24813, is now being actively exploited in the wild, allowing attackers to take over vulnerable Apache Tomcat servers with a single PUT API request, according to a report from Wallarm.