Emerging Threat: (CVE-2026-55957) Apache Tomcat Authentication Bypass via JNDIRealm GSSAPI Binds
CVE-2026-55957 is a missing critical step in authentication in Apache Tomcat, present when the JNDIRealm is configured to authenticate binds using GSSAPI. The vulnerability carries a CVSS v3.1 base score of 9.8 (Critical), based on network attack vector, low attack complexity, no privileges required, and no user interaction.