1. Apache Tomcat Windows Installer Contains Untrusted Search Path Vulnerability (CVE-2025-49124)
A moderate-severity vulnerability in the Apache Tomcat installer for Windows exposes systems to potential local privilege escalation. The flaw, tracked as CVE-2025-49124 (GHSA-42wg-hm62-jcwg), is an untrusted search path issue. During installation, the installer calls the system utility `icacls.exe` without specifying ...