{"uuid": "412277f4-d2ca-48f6-b880-681b2f191cbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://infosec.exchange/users/harrysintonen/statuses/116517446102524326", "content": "Several vulnerabilities in #Apache HTTP Server 2.4 have been fixed in release 2.4.67. The most severe of these are:\n- CVE-2026-23918: Apache HTTP Server: http2: double free and possible RCE on early reset\n- CVE-2026-24072: Apache HTTP Server: mod_rewrite elevation of privileges via ap_expr\n- CVE-2026-33006: Apache HTTP Server: mod_auth_digest timing attack\nhttps://httpd.apache.org/security/vulnerabilities_24.html\n#CVE_2026_23918 #CVE_2026_24072 #CVE_2026_33006 #infosec #cybersecurity", "creation_timestamp": "2026-05-04T17:18:52.927565Z"}