A critical remote code execution (RCE) vulnerability, CVE-2025-24813, is now being actively exploited in the wild, allowing attackers to take over vulnerable Apache Tomcat servers with a single PUT API request, according to a report from Wallarm.

‍