Is Kubernetes affected by EUVD-2026-21057?

Apache Tomcat's clustering component inadvertently logs Kubernetes authentication tokens in plaintext, creating a credential exposure vulnerability that could allow attackers with network access to log files to gain elevated privileges within containerized environments.

EUVD-2026-21057

| CVE-2026-34487 HIGH

2026-04-09 apache

GHSA-x4m4-345f-5h5g

7.5

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Lifecycle Timeline

Patch Released

Apr 11, 2026 - 02:30 nvd

Patch available

Analysis Generated

Apr 09, 2026 - 20:15 vuln.today

EUVD ID Assigned

Apr 09, 2026 - 20:15 euvd

EUVD-2026-21057

CVE Published

Apr 09, 2026 - 19:36 nvd

HIGH 7.5

Description

Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clustering component of Apache Tomcat exposed the Kubernetes bearer token. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.20, from 10.1.0-M1 through 10.1.53, from 9.0.13 through 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117, which fix the issue.

Analysis

Apache Tomcat's cloud membership clustering component logs Kubernetes bearer tokens in plaintext, enabling unauthenticated remote attackers to extract authentication credentials from log files. Affects Tomcat 9.0.13-9.0.116, 10.1.0-M1-10.1.53, and 11.0.0-M1-11.0.20. …

Remediation

Within 24 hours: Inventory all Tomcat instances (versions 9.0.13-9.0.116, 10.1.0-M1-10.1.53, 11.0.0-M1-11.0.20) in Kubernetes environments and verify log file access controls. Within 7 days: Implement log filtering or masking to redact bearer tokens from Tomcat logs using log aggregation tooling (e.g., Fluentd, Logstash); rotate all Kubernetes service account tokens associated with Tomcat deployments. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +38

POC: 0

EUVD-2026-21057 vulnerability details – vuln.today

Back

EUVD-2026-21057

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

EUVD-2026-21057

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code