Vulnerability-Lookup

WID-SEC-W-2026-1824

Vulnerability from csaf_certbund - Published: 2026-06-08 22:00 - Updated: 2026-06-16 22:00

Summary

Apache HTTP Server: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Apache ist ein Webserver für verschiedene Plattformen.

Angriff: Ein Angreifer kann mehrere Schwachstellen in Apache HTTP Server ausnutzen, um beliebigen Programmcode auszuführen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting-Angriffe durchzuführen, Daten zu verändern und offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder andere nicht näher definierte Angriffe durchzuführen.

Betroffene Betriebssysteme: - Sonstiges - UNIX - Windows

CVE-2026-29167

Affected products

Known affected 8 products

Product	Identifier	Version
Apache HTTP Server <2.4.68 Apache / HTTP Server		<2.4.68
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
IBM HTTP Server <9.0.5.29 IBM / HTTP Server		<9.0.5.29
Microsoft Azure Linux azl3 Microsoft / Azure Linux	`cpe:/o:microsoft:azure_linux:azl3`	azl3
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM HTTP Server <8.5.5.30 IBM / HTTP Server		<8.5.5.30

CVE-2026-29170

Affected products

Known affected 8 products

Product	Identifier	Version
Apache HTTP Server <2.4.68 Apache / HTTP Server		<2.4.68
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
IBM HTTP Server <9.0.5.29 IBM / HTTP Server		<9.0.5.29
Microsoft Azure Linux azl3 Microsoft / Azure Linux	`cpe:/o:microsoft:azure_linux:azl3`	azl3
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM HTTP Server <8.5.5.30 IBM / HTTP Server		<8.5.5.30

CVE-2026-34355

Affected products

Known affected 8 products

Product	Identifier	Version
Apache HTTP Server <2.4.68 Apache / HTTP Server		<2.4.68
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
IBM HTTP Server <9.0.5.29 IBM / HTTP Server		<9.0.5.29
Microsoft Azure Linux azl3 Microsoft / Azure Linux	`cpe:/o:microsoft:azure_linux:azl3`	azl3
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM HTTP Server <8.5.5.30 IBM / HTTP Server		<8.5.5.30

CVE-2026-34356

Affected products

Known affected 8 products

Product	Identifier	Version
Apache HTTP Server <2.4.68 Apache / HTTP Server		<2.4.68
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
IBM HTTP Server <9.0.5.29 IBM / HTTP Server		<9.0.5.29
Microsoft Azure Linux azl3 Microsoft / Azure Linux	`cpe:/o:microsoft:azure_linux:azl3`	azl3
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM HTTP Server <8.5.5.30 IBM / HTTP Server		<8.5.5.30

CVE-2026-42535

Affected products

Known affected 8 products

Product	Identifier	Version
Apache HTTP Server <2.4.68 Apache / HTTP Server		<2.4.68
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
IBM HTTP Server <9.0.5.29 IBM / HTTP Server		<9.0.5.29
Microsoft Azure Linux azl3 Microsoft / Azure Linux	`cpe:/o:microsoft:azure_linux:azl3`	azl3
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM HTTP Server <8.5.5.30 IBM / HTTP Server		<8.5.5.30

CVE-2026-42536

Affected products

Known affected 8 products

Product	Identifier	Version
Apache HTTP Server <2.4.68 Apache / HTTP Server		<2.4.68
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
IBM HTTP Server <9.0.5.29 IBM / HTTP Server		<9.0.5.29
Microsoft Azure Linux azl3 Microsoft / Azure Linux	`cpe:/o:microsoft:azure_linux:azl3`	azl3
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM HTTP Server <8.5.5.30 IBM / HTTP Server		<8.5.5.30

CVE-2026-43951

Affected products

Known affected 8 products

Product	Identifier	Version
Apache HTTP Server <2.4.68 Apache / HTTP Server		<2.4.68
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
IBM HTTP Server <9.0.5.29 IBM / HTTP Server		<9.0.5.29
Microsoft Azure Linux azl3 Microsoft / Azure Linux	`cpe:/o:microsoft:azure_linux:azl3`	azl3
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM HTTP Server <8.5.5.30 IBM / HTTP Server		<8.5.5.30

CVE-2026-44119

Affected products

Known affected 8 products

Product	Identifier	Version
Apache HTTP Server <2.4.68 Apache / HTTP Server		<2.4.68
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
IBM HTTP Server <9.0.5.29 IBM / HTTP Server		<9.0.5.29
Microsoft Azure Linux azl3 Microsoft / Azure Linux	`cpe:/o:microsoft:azure_linux:azl3`	azl3
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM HTTP Server <8.5.5.30 IBM / HTTP Server		<8.5.5.30

CVE-2026-44185

Affected products

Known affected 8 products

Product	Identifier	Version
Apache HTTP Server <2.4.68 Apache / HTTP Server		<2.4.68
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
IBM HTTP Server <9.0.5.29 IBM / HTTP Server		<9.0.5.29
Microsoft Azure Linux azl3 Microsoft / Azure Linux	`cpe:/o:microsoft:azure_linux:azl3`	azl3
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM HTTP Server <8.5.5.30 IBM / HTTP Server		<8.5.5.30

CVE-2026-44186

Affected products

Known affected 8 products

Product	Identifier	Version
Apache HTTP Server <2.4.68 Apache / HTTP Server		<2.4.68
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
IBM HTTP Server <9.0.5.29 IBM / HTTP Server		<9.0.5.29
Microsoft Azure Linux azl3 Microsoft / Azure Linux	`cpe:/o:microsoft:azure_linux:azl3`	azl3
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM HTTP Server <8.5.5.30 IBM / HTTP Server		<8.5.5.30

CVE-2026-44631

Affected products

Known affected 8 products

Product	Identifier	Version
Apache HTTP Server <2.4.68 Apache / HTTP Server		<2.4.68
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
IBM HTTP Server <9.0.5.29 IBM / HTTP Server		<9.0.5.29
Microsoft Azure Linux azl3 Microsoft / Azure Linux	`cpe:/o:microsoft:azure_linux:azl3`	azl3
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM HTTP Server <8.5.5.30 IBM / HTTP Server		<8.5.5.30

CVE-2026-48913

Affected products

Known affected 8 products

Product	Identifier	Version
Apache HTTP Server <2.4.68 Apache / HTTP Server		<2.4.68
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
IBM HTTP Server <9.0.5.29 IBM / HTTP Server		<9.0.5.29
Microsoft Azure Linux azl3 Microsoft / Azure Linux	`cpe:/o:microsoft:azure_linux:azl3`	azl3
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM HTTP Server <8.5.5.30 IBM / HTTP Server		<8.5.5.30

CVE-2026-49975

Affected products

Known affected 8 products

Product	Identifier	Version
Apache HTTP Server <2.4.68 Apache / HTTP Server		<2.4.68
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
IBM HTTP Server <9.0.5.29 IBM / HTTP Server		<9.0.5.29
Microsoft Azure Linux azl3 Microsoft / Azure Linux	`cpe:/o:microsoft:azure_linux:azl3`	azl3
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM HTTP Server <8.5.5.30 IBM / HTTP Server		<8.5.5.30

References

12 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://httpd.apache.org/security/vulnerabilities…	external
https://msrc.microsoft.com/update-guide/	external
https://errata.build.resf.org/RLSA-2026:25090	external
https://access.redhat.com/errata/RHSA-2026:25057	external
https://access.redhat.com/errata/RHSA-2026:25090	external
https://access.redhat.com/errata/RHSA-2026:25225	external
https://errata.build.resf.org/RLSA-2026:25225	external
https://lists.debian.org/debian-lts-announce/2026…	external
https://errata.build.resf.org/RLSA-2026:25057	external
https://www.ibm.com/support/pages/node/7276565	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Apache ist ein Webserver f\u00fcr verschiedene Plattformen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Apache HTTP Server ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting-Angriffe durchzuf\u00fchren, Daten zu ver\u00e4ndern und offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder andere nicht n\u00e4her definierte Angriffe durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-1824 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1824.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-1824 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1824"
      },
      {
        "category": "external",
        "summary": "Apache Vulnerabilities vom 2026-06-08",
        "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
      },
      {
        "category": "external",
        "summary": "Microsoft Security Update Guide vom 2026-06-09",
        "url": "https://msrc.microsoft.com/update-guide/"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2026:25090 vom 2026-06-11",
        "url": "https://errata.build.resf.org/RLSA-2026:25090"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:25057 vom 2026-06-10",
        "url": "https://access.redhat.com/errata/RHSA-2026:25057"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:25090 vom 2026-06-10",
        "url": "https://access.redhat.com/errata/RHSA-2026:25090"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:25225 vom 2026-06-11",
        "url": "https://access.redhat.com/errata/RHSA-2026:25225"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2026:25225 vom 2026-06-13",
        "url": "https://errata.build.resf.org/RLSA-2026:25225"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4629 vom 2026-06-12",
        "url": "https://lists.debian.org/debian-lts-announce/2026/06/msg00018.html"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2026:25057 vom 2026-06-13",
        "url": "https://errata.build.resf.org/RLSA-2026:25057"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7276565 vom 2026-06-16",
        "url": "https://www.ibm.com/support/pages/node/7276565"
      }
    ],
    "source_lang": "en-US",
    "title": "Apache HTTP Server: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-06-16T22:00:00.000+00:00",
      "generator": {
        "date": "2026-06-17T10:49:51.293+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.6.0"
        }
      },
      "id": "WID-SEC-W-2026-1824",
      "initial_release_date": "2026-06-08T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-06-08T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-06-09T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates aufgenommen"
        },
        {
          "date": "2026-06-10T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Rocky Enterprise Software Foundation und Red Hat aufgenommen"
        },
        {
          "date": "2026-06-14T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Rocky Enterprise Software Foundation und Debian aufgenommen"
        },
        {
          "date": "2026-06-15T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2026-06-16T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von IBM aufgenommen"
        }
      ],
      "status": "final",
      "version": "6"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c2.4.68",
                "product": {
                  "name": "Apache HTTP Server \u003c2.4.68",
                  "product_id": "T055055"
                }
              },
              {
                "category": "product_version",
                "name": "2.4.68",
                "product": {
                  "name": "Apache HTTP Server 2.4.68",
                  "product_id": "T055055-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:apache:http_server:2.4.68"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "HTTP Server"
          }
        ],
        "category": "vendor",
        "name": "Apache"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c8.5.5.30",
                "product": {
                  "name": "IBM HTTP Server \u003c8.5.5.30",
                  "product_id": "T052356"
                }
              },
              {
                "category": "product_version",
                "name": "8.5.5.30",
                "product": {
                  "name": "IBM HTTP Server 8.5.5.30",
                  "product_id": "T052356-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:http_server:8.5.5.30"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c9.0.5.29",
                "product": {
                  "name": "IBM HTTP Server \u003c9.0.5.29",
                  "product_id": "T054746"
                }
              },
              {
                "category": "product_version",
                "name": "9.0.5.29",
                "product": {
                  "name": "IBM HTTP Server 9.0.5.29",
                  "product_id": "T054746-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:http_server:9.0.5.29"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "HTTP Server"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "azl3",
                "product": {
                  "name": "Microsoft Azure Linux azl3",
                  "product_id": "T049210",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:azure_linux:azl3"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Azure Linux"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "RESF Rocky Linux",
            "product": {
              "name": "RESF Rocky Linux",
              "product_id": "T032255",
              "product_identification_helper": {
                "cpe": "cpe:/o:resf:rocky_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "RESF"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-29167",
      "product_status": {
        "known_affected": [
          "T055055",
          "2951",
          "67646",
          "T000126",
          "T054746",
          "T049210",
          "T032255",
          "T052356"
        ]
      },
      "release_date": "2026-06-08T22:00:00.000+00:00",
      "title": "CVE-2026-29167"
    },
    {
      "cve": "CVE-2026-29170",
      "product_status": {
        "known_affected": [
          "T055055",
          "2951",
          "67646",
          "T000126",
          "T054746",
          "T049210",
          "T032255",
          "T052356"
        ]
      },
      "release_date": "2026-06-08T22:00:00.000+00:00",
      "title": "CVE-2026-29170"
    },
    {
      "cve": "CVE-2026-34355",
      "product_status": {
        "known_affected": [
          "T055055",
          "2951",
          "67646",
          "T000126",
          "T054746",
          "T049210",
          "T032255",
          "T052356"
        ]
      },
      "release_date": "2026-06-08T22:00:00.000+00:00",
      "title": "CVE-2026-34355"
    },
    {
      "cve": "CVE-2026-34356",
      "product_status": {
        "known_affected": [
          "T055055",
          "2951",
          "67646",
          "T000126",
          "T054746",
          "T049210",
          "T032255",
          "T052356"
        ]
      },
      "release_date": "2026-06-08T22:00:00.000+00:00",
      "title": "CVE-2026-34356"
    },
    {
      "cve": "CVE-2026-42535",
      "product_status": {
        "known_affected": [
          "T055055",
          "2951",
          "67646",
          "T000126",
          "T054746",
          "T049210",
          "T032255",
          "T052356"
        ]
      },
      "release_date": "2026-06-08T22:00:00.000+00:00",
      "title": "CVE-2026-42535"
    },
    {
      "cve": "CVE-2026-42536",
      "product_status": {
        "known_affected": [
          "T055055",
          "2951",
          "67646",
          "T000126",
          "T054746",
          "T049210",
          "T032255",
          "T052356"
        ]
      },
      "release_date": "2026-06-08T22:00:00.000+00:00",
      "title": "CVE-2026-42536"
    },
    {
      "cve": "CVE-2026-43951",
      "product_status": {
        "known_affected": [
          "T055055",
          "2951",
          "67646",
          "T000126",
          "T054746",
          "T049210",
          "T032255",
          "T052356"
        ]
      },
      "release_date": "2026-06-08T22:00:00.000+00:00",
      "title": "CVE-2026-43951"
    },
    {
      "cve": "CVE-2026-44119",
      "product_status": {
        "known_affected": [
          "T055055",
          "2951",
          "67646",
          "T000126",
          "T054746",
          "T049210",
          "T032255",
          "T052356"
        ]
      },
      "release_date": "2026-06-08T22:00:00.000+00:00",
      "title": "CVE-2026-44119"
    },
    {
      "cve": "CVE-2026-44185",
      "product_status": {
        "known_affected": [
          "T055055",
          "2951",
          "67646",
          "T000126",
          "T054746",
          "T049210",
          "T032255",
          "T052356"
        ]
      },
      "release_date": "2026-06-08T22:00:00.000+00:00",
      "title": "CVE-2026-44185"
    },
    {
      "cve": "CVE-2026-44186",
      "product_status": {
        "known_affected": [
          "T055055",
          "2951",
          "67646",
          "T000126",
          "T054746",
          "T049210",
          "T032255",
          "T052356"
        ]
      },
      "release_date": "2026-06-08T22:00:00.000+00:00",
      "title": "CVE-2026-44186"
    },
    {
      "cve": "CVE-2026-44631",
      "product_status": {
        "known_affected": [
          "T055055",
          "2951",
          "67646",
          "T000126",
          "T054746",
          "T049210",
          "T032255",
          "T052356"
        ]
      },
      "release_date": "2026-06-08T22:00:00.000+00:00",
      "title": "CVE-2026-44631"
    },
    {
      "cve": "CVE-2026-48913",
      "product_status": {
        "known_affected": [
          "T055055",
          "2951",
          "67646",
          "T000126",
          "T054746",
          "T049210",
          "T032255",
          "T052356"
        ]
      },
      "release_date": "2026-06-08T22:00:00.000+00:00",
      "title": "CVE-2026-48913"
    },
    {
      "cve": "CVE-2026-49975",
      "product_status": {
        "known_affected": [
          "T055055",
          "2951",
          "67646",
          "T000126",
          "T054746",
          "T049210",
          "T032255",
          "T052356"
        ]
      },
      "release_date": "2026-06-08T22:00:00.000+00:00",
      "title": "CVE-2026-49975"
    }
  ]
}

CVE-2026-29167 (GCVE-0-2026-29167)

Vulnerability from cvelistv5 – Published: 2026-06-08 15:07 – Updated: 2026-06-09 12:31

Title

Apache HTTP Server: mod_ldap per-dir use-after-free

Summary

Use After Free vulnerability in Apache HTTP Server with mod_ldap in per-directory configuration This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue.

Severity

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC

Exploitation: none Automatable: yes Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-416 - Use After Free

Assigner

apache

References

3 references

URL	Tags
https://httpd.apache.org/security/vulnerabilities…	vendor-advisory
http://www.openwall.com/lists/oss-security/2026/06/08/4
http://www.openwall.com/lists/oss-security/2026/06/09/1

Impacted products

1 product

Vendor	Product	Version
Apache Software Foundation	Apache HTTP Server	Affected: 2.4.0 , ≤ 2.4.67 (semver)

Credits

Pavel Kohout, Aisle Research, Aisle.com

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2026-06-09T09:07:31.989Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/06/08/4"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/06/09/1"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-29167",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-09T12:31:15.680589Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-09T12:31:24.706Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache HTTP Server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "2.4.67",
              "status": "affected",
              "version": "2.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Pavel Kohout, Aisle Research, Aisle.com"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUse After Free vulnerability in Apache HTTP Server with mod_ldap in per-directory configuration\u003c/p\u003e\u003cp\u003eThis issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 2.4.68, which fixes the issue.\u003c/p\u003e"
            }
          ],
          "value": "Use After Free vulnerability in Apache HTTP Server with mod_ldap in per-directory configuration\n\nThis issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.\n\nUsers are recommended to upgrade to version 2.4.68, which fixes the issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "low"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416: Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-08T15:07:59.231Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2026-03-02T12:00:00.000Z",
          "value": "reported"
        },
        {
          "lang": "en",
          "time": "2026-06-03T12:00:00.000Z",
          "value": "fixed in 2.4.x by r1934935"
        },
        {
          "lang": "en",
          "time": "2026-06-08T00:00:00.000Z",
          "value": "2.4.68 released"
        }
      ],
      "title": "Apache HTTP Server: mod_ldap per-dir use-after-free",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2026-29167",
    "datePublished": "2026-06-08T15:07:59.231Z",
    "dateReserved": "2026-03-04T11:47:30.099Z",
    "dateUpdated": "2026-06-09T12:31:24.706Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-29170 (GCVE-0-2026-29170)

Vulnerability from cvelistv5 – Published: 2026-06-08 15:10 – Updated: 2026-06-08 22:32

Title

Apache HTTP Server: mod_proxy_ftp XSS

Summary

A cross-site scripting vulnerability exists in mod_proxy_ftp's HTML directory list generation in Apache HTTP Server 2.4.67 and earlier when listing FTP directory contents either via forward or reverse proxy configuration. Users are recommended to upgrade to version 2.4.68, which fixes this issue.

Severity

6.1 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Assigner

apache

References

2 references

URL	Tags
https://httpd.apache.org/security/vulnerabilities…	vendor-advisory
http://www.openwall.com/lists/oss-security/2026/06/08/5

Impacted products

1 product

Vendor	Product	Version
Apache Software Foundation	Apache HTTP Server	Affected: 0 , ≤ 2.4.67 (semver)

Credits

Pavel Kohout, Aisle Research, Aisle.com

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 6.1,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "CHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-29170",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-08T18:17:40.844380Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-08T18:18:07.968Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2026-06-08T22:32:22.561Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/06/08/5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache HTTP Server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "2.4.67",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Pavel Kohout, Aisle Research, Aisle.com"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A cross-site scripting vulnerability exists in mod_proxy_ftp\u0027s HTML directory list generation in Apache HTTP Server 2.4.67 and earlier when listing FTP directory contents either via forward or reverse proxy configuration.\u003cbr\u003e\u003cbr\u003eUsers are recommended to upgrade to version 2.4.68, which fixes this issue."
            }
          ],
          "value": "A cross-site scripting vulnerability exists in mod_proxy_ftp\u0027s HTML directory list generation in Apache HTTP Server 2.4.67 and earlier when listing FTP directory contents either via forward or reverse proxy configuration.\n\nUsers are recommended to upgrade to version 2.4.68, which fixes this issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "low"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-08T15:10:09.141Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2026-03-04T12:15:00.000Z",
          "value": "Report received"
        },
        {
          "lang": "en",
          "time": "2026-06-04T12:00:00.000Z",
          "value": "fixed in 2.4.x by r1934982"
        },
        {
          "lang": "eng",
          "time": "2026-06-08T12:00:00.000Z",
          "value": "2.4.68 released"
        }
      ],
      "title": "Apache HTTP Server: mod_proxy_ftp XSS",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2026-29170",
    "datePublished": "2026-06-08T15:10:09.141Z",
    "dateReserved": "2026-03-04T12:16:21.060Z",
    "dateUpdated": "2026-06-08T22:32:22.561Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-34355 (GCVE-0-2026-34355)

Vulnerability from cvelistv5 – Published: 2026-06-08 15:20 – Updated: 2026-06-08 22:32

Title

Apache HTTP Server: mod_proxy_html buffer overflow

Summary

A buffer overflow in mod_proxy_html in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend. Users are recommended to upgrade to version 2.4.68, which fixes this issue.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-122 - Heap-based Buffer Overflow

Assigner

apache

References

2 references

URL	Tags
https://httpd.apache.org/security/vulnerabilities…	vendor-advisory
http://www.openwall.com/lists/oss-security/2026/06/08/6

Impacted products

1 product

Vendor	Product	Version
Apache Software Foundation	Apache HTTP Server	Affected: 2.4.0 , ≤ 2.4.67 (semver)

Credits

Elhanan Haenel Junhui Lee

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-34355",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-08T18:11:57.581951Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-08T18:12:38.389Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2026-06-08T22:32:23.731Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/06/08/6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache HTTP Server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "2.4.67",
              "status": "affected",
              "version": "2.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Elhanan Haenel"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Junhui Lee"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A buffer overflow in mod_proxy_html in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend.\u003cbr\u003eUsers are recommended to upgrade to version 2.4.68, which fixes this issue."
            }
          ],
          "value": "A buffer overflow in mod_proxy_html in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend.\nUsers are recommended to upgrade to version 2.4.68, which fixes this issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122 Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-08T15:20:30.900Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2026-03-21T09:59:00.000Z",
          "value": "Report received"
        },
        {
          "lang": "en",
          "time": "2026-06-04T12:00:00.000Z",
          "value": "fixed in 2.4.x by r1934977"
        },
        {
          "lang": "eng",
          "time": "2026-06-08T12:00:00.000Z",
          "value": "2.4.68 released"
        }
      ],
      "title": "Apache HTTP Server: mod_proxy_html buffer overflow",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2026-34355",
    "datePublished": "2026-06-08T15:20:30.900Z",
    "dateReserved": "2026-03-27T11:32:12.684Z",
    "dateUpdated": "2026-06-08T22:32:23.731Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-34356 (GCVE-0-2026-34356)

Vulnerability from cvelistv5 – Published: 2026-06-08 15:12 – Updated: 2026-06-08 22:32

Title

Apache HTTP Server: ProxyPassReverseCookieMap buffer overflow

Summary

Heap-based Buffer Overflow vulnerability in Apache HTTP Server with malicious backend servers and ProxyPassReverseCookie* This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-122 - Heap-based Buffer Overflow

Assigner

apache

References

2 references

URL	Tags
https://httpd.apache.org/security/vulnerabilities…	vendor-advisory
http://www.openwall.com/lists/oss-security/2026/06/08/7

Impacted products

1 product

Vendor	Product	Version
Apache Software Foundation	Apache HTTP Server	Affected: 2.4.0 , ≤ 2.4.67 (semver)

Credits

Arkadi Vainbrand depthfirst (depthfirst.com)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-34356",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-08T18:14:26.078879Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-08T18:17:13.913Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2026-06-08T22:32:24.906Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/06/08/7"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache HTTP Server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "2.4.67",
              "status": "affected",
              "version": "2.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Arkadi Vainbrand"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "depthfirst (depthfirst.com)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eHeap-based Buffer Overflow vulnerability in Apache HTTP Server with malicious backend servers and ProxyPassReverseCookie*\u003c/p\u003e\u003cp\u003eThis issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 2.4.68, which fixes the issue.\u003c/p\u003e"
            }
          ],
          "value": "Heap-based Buffer Overflow vulnerability in Apache HTTP Server with malicious backend servers and ProxyPassReverseCookie*\n\nThis issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.\n\nUsers are recommended to upgrade to version 2.4.68, which fixes the issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "low"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122 Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-08T15:12:21.415Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2026-02-23T12:00:00.000Z",
          "value": "reported"
        },
        {
          "lang": "en",
          "time": "2026-06-05T12:00:00.000Z",
          "value": "fixed in 2.4.x by r1935008"
        },
        {
          "lang": "eng",
          "time": "2026-06-08T12:00:00.000Z",
          "value": "2.4.68 released"
        }
      ],
      "title": "Apache HTTP Server: ProxyPassReverseCookieMap buffer overflow",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2026-34356",
    "datePublished": "2026-06-08T15:12:21.415Z",
    "dateReserved": "2026-03-27T11:47:04.086Z",
    "dateUpdated": "2026-06-08T22:32:24.906Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-42535 (GCVE-0-2026-42535)

Vulnerability from cvelistv5 – Published: 2026-06-08 15:14 – Updated: 2026-06-09 12:13

Title

Apache HTTP Server: mod_dav_fs protected directory access

Summary

A path handling issue in mod_dav_fs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes. Users are recommended to upgrade to version 2.4.68, which fixes this issue.

Severity

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

SSVC

Exploitation: none Automatable: yes Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-668 - Exposure of Resource to Wrong Sphere

Assigner

apache

References

2 references

URL	Tags
https://httpd.apache.org/security/vulnerabilities…	vendor-advisory
http://www.openwall.com/lists/oss-security/2026/06/08/8

Impacted products

1 product

Vendor	Product	Version
Apache Software Foundation	Apache HTTP Server	Affected: 0 , ≤ 2.4.67 (semver)

Credits

Zhenpeng (Leo) Lin at depthfirst

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2026-06-08T22:32:26.156Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/06/08/8"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.1,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-42535",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-09T12:11:15.542043Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-09T12:13:11.748Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache HTTP Server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "2.4.67",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Zhenpeng (Leo) Lin at depthfirst"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A path handling issue in mod_dav_fs in Apache 2.4.67 and earlier\u0026nbsp;allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes.\u003cbr\u003e\u003cbr\u003eUsers are recommended to upgrade to version 2.4.68, which fixes this issue."
            }
          ],
          "value": "A path handling issue in mod_dav_fs in Apache 2.4.67 and earlier\u00a0allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes.\n\nUsers are recommended to upgrade to version 2.4.68, which fixes this issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-668",
              "description": "CWE-668 Exposure of Resource to Wrong Sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-08T15:14:49.189Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2026-04-27T22:48:00.000Z",
          "value": "Report received"
        },
        {
          "lang": "en",
          "time": "2026-06-05T12:00:00.000Z",
          "value": "fixed in 2.4.x by r1935013"
        },
        {
          "lang": "eng",
          "time": "2026-06-08T12:00:00.000Z",
          "value": "2.4.68 released"
        }
      ],
      "title": "Apache HTTP Server: mod_dav_fs protected directory access",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2026-42535",
    "datePublished": "2026-06-08T15:14:49.189Z",
    "dateReserved": "2026-04-28T15:53:30.262Z",
    "dateUpdated": "2026-06-09T12:13:11.748Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-42536 (GCVE-0-2026-42536)

Vulnerability from cvelistv5 – Published: 2026-06-08 15:23 – Updated: 2026-06-08 22:32

Title

Apache HTTP Server: mod_xml2enc heap overflow

Summary

Heap-based Buffer Overflow vulnerability in Apache HTTP Server with mod_xml2enc, xml2StartParse, and untrusted content This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-122 - Heap-based Buffer Overflow

Assigner

apache

References

2 references

URL	Tags
https://httpd.apache.org/security/vulnerabilities…	vendor-advisory
http://www.openwall.com/lists/oss-security/2026/06/08/9

Impacted products

1 product

Vendor	Product	Version
Apache Software Foundation	Apache HTTP Server	Affected: 2.4.0 , ≤ 2.4.67 (semver)

Credits

Zhenpeng (Leo) Lin at depthfirst

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-42536",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-08T18:09:39.478431Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-08T18:10:10.372Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2026-06-08T22:32:27.355Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/06/08/9"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache HTTP Server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "2.4.67",
              "status": "affected",
              "version": "2.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Zhenpeng (Leo) Lin at depthfirst"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eHeap-based Buffer Overflow vulnerability in Apache HTTP Server with\u0026nbsp;mod_xml2enc, xml2StartParse, and untrusted content\u003c/p\u003e\u003cp\u003eThis issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 2.4.68, which fixes the issue.\u003c/p\u003e"
            }
          ],
          "value": "Heap-based Buffer Overflow vulnerability in Apache HTTP Server with\u00a0mod_xml2enc, xml2StartParse, and untrusted content\n\nThis issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.\n\nUsers are recommended to upgrade to version 2.4.68, which fixes the issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "low"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122 Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-08T15:23:46.290Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2026-04-27T12:00:00.000Z",
          "value": "reported"
        },
        {
          "lang": "en",
          "time": "2026-06-04T12:00:00.000Z",
          "value": "fixed in 2.4.x by r1934971"
        },
        {
          "lang": "eng",
          "time": "2026-06-08T12:00:00.000Z",
          "value": "2.4.68 released"
        }
      ],
      "title": "Apache HTTP Server: mod_xml2enc heap overflow",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2026-42536",
    "datePublished": "2026-06-08T15:23:46.290Z",
    "dateReserved": "2026-04-28T16:06:25.760Z",
    "dateUpdated": "2026-06-08T22:32:27.355Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-43951 (GCVE-0-2026-43951)

Vulnerability from cvelistv5 – Published: 2026-06-08 15:16 – Updated: 2026-06-08 22:32

Title

Apache HTTP Server: OOB Read in `merge_response_headers` can cause crash

Summary

Out-of-bounds Read vulnerability in Apache HTTP Server with mod_headers and mod_mime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.

Severity

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-125 - Out-of-bounds Read

Assigner

apache

References

2 references

URL	Tags
https://httpd.apache.org/security/vulnerabilities…	vendor-advisory
http://www.openwall.com/lists/oss-security/2026/0…

Impacted products

1 product

Vendor	Product	Version
Apache Software Foundation	Apache HTTP Server	Affected: 2.4.0 , ≤ 2.4.67 (semver)

Credits

Zhenpeng (Leo) Lin at depthfirst

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 6.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-43951",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-08T18:13:37.250801Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-08T18:14:03.963Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2026-06-08T22:32:28.584Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/06/08/10"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache HTTP Server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "2.4.67",
              "status": "affected",
              "version": "2.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Zhenpeng (Leo) Lin at depthfirst"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eOut-of-bounds Read vulnerability in Apache HTTP Server with mod_headers and mod_mime and multiple response languages.\u003c/p\u003e\u003cp\u003eThis issue affects Apache HTTP Server: from 2.4.0 through 2.4.67."
            }
          ],
          "value": "Out-of-bounds Read vulnerability in Apache HTTP Server with mod_headers and mod_mime and multiple response languages.\n\nThis issue affects Apache HTTP Server: from 2.4.0 through 2.4.67."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125 Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-08T15:16:14.594Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2026-04-27T12:00:00.000Z",
          "value": "reported"
        },
        {
          "lang": "en",
          "time": "2026-06-05T12:00:00.000Z",
          "value": "fixed in 2.4.x by r1935006"
        },
        {
          "lang": "eng",
          "time": "2026-06-08T12:00:00.000Z",
          "value": "2.4.68 released"
        }
      ],
      "title": "Apache HTTP Server: OOB Read in `merge_response_headers` can cause crash",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2026-43951",
    "datePublished": "2026-06-08T15:16:14.594Z",
    "dateReserved": "2026-05-04T17:15:44.253Z",
    "dateUpdated": "2026-06-08T22:32:28.584Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-44119 (GCVE-0-2026-44119)

Vulnerability from cvelistv5 – Published: 2026-06-08 15:17 – Updated: 2026-06-09 11:57

Title

Apache HTTP Server: escalation of privilege through expressions in .htaccess in multiple modules

Summary

Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. This issue affects Apache HTTP Server: from through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue.

Severity

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-269 - Improper Privilege Management

Assigner

apache

References

2 references

URL	Tags
https://httpd.apache.org/security/vulnerabilities…	vendor-advisory
http://www.openwall.com/lists/oss-security/2026/0…

Impacted products

1 product

Vendor	Product	Version
Apache Software Foundation	Apache HTTP Server	Affected: 2.4.0 , ≤ 2.4.67 (semver)

Credits

Lucian Nitescu as3617 (@real_as3617) at ENKI Whitehat Zhang San Martin Petrák joaovicdev Rooting | Lucas Torres R4mbb of KRsecurity gggggggga@Xiaomi ShadowBlade Security Lab NikKrian of H3C Security Center(h3c.com) lokerxx

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2026-06-08T22:32:29.788Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/06/08/11"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-44119",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-09T11:57:06.913774Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-09T11:57:10.824Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache HTTP Server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "2.4.67",
              "status": "affected",
              "version": "2.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Lucian Nitescu"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "as3617 (@real_as3617) at ENKI Whitehat"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Zhang San"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Martin Petr\u00e1k"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "joaovicdev"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Rooting | Lucas Torres"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "R4mbb of KRsecurity"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "gggggggga@Xiaomi ShadowBlade Security Lab"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "NikKrian of H3C Security Center(h3c.com)"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "lokerxx"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eImproper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user.\u003c/p\u003e\u003cp\u003eThis issue affects Apache HTTP Server: from through 2.4.67.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 2.4.68, which fixes the issue.\u003c/p\u003e"
            }
          ],
          "value": "Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user.\n\nThis issue affects Apache HTTP Server: from through 2.4.67.\n\nUsers are recommended to upgrade to version 2.4.68, which fixes the issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-08T15:17:31.939Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2026-05-05T12:00:00.000Z",
          "value": "reported"
        },
        {
          "lang": "en",
          "time": "2026-06-05T12:00:00.000Z",
          "value": "fixed in 2.4.x by r1935017"
        },
        {
          "lang": "eng",
          "time": "2026-06-08T12:00:00.000Z",
          "value": "2.4.68 released"
        }
      ],
      "title": "Apache HTTP Server: escalation of privilege through expressions in .htaccess in multiple modules",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2026-44119",
    "datePublished": "2026-06-08T15:17:31.939Z",
    "dateReserved": "2026-05-05T11:34:53.172Z",
    "dateUpdated": "2026-06-09T11:57:10.824Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-44185 (GCVE-0-2026-44185)

Vulnerability from cvelistv5 – Published: 2026-06-08 15:22 – Updated: 2026-06-08 22:32

Title

Apache HTTP Server: Stack Buffer Over-Read in mod_ssl OCSP `send_request`

Summary

Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue.

Severity

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-126 - Buffer Over-read

Assigner

apache

References

2 references

URL	Tags
https://httpd.apache.org/security/vulnerabilities…	vendor-advisory
http://www.openwall.com/lists/oss-security/2026/0…

Impacted products

1 product

Vendor	Product	Version
Apache Software Foundation	Apache HTTP Server	Affected: 2.4.0 , ≤ 2.4.67 (semver)

Credits

Zhenpeng (Leo) Lin at depthfirst

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 7.3,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-44185",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-08T18:10:50.653826Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-08T18:11:21.734Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2026-06-08T22:32:30.948Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/06/08/12"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache HTTP Server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "2.4.67",
              "status": "affected",
              "version": "2.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Zhenpeng (Leo) Lin at depthfirst"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eBuffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server\u003c/p\u003e\u003cp\u003eThis issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 2.4.68, which fixes the issue.\u003c/p\u003e"
            }
          ],
          "value": "Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server\n\nThis issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.\n\nUsers are recommended to upgrade to version 2.4.68, which fixes the issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "low"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126 Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-08T15:22:11.809Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2026-04-27T12:00:00.000Z",
          "value": "reported"
        },
        {
          "lang": "en",
          "time": "2026-06-03T12:00:00.000Z",
          "value": "fixed in 2.4.x by r1934919"
        },
        {
          "lang": "eng",
          "time": "2026-06-08T12:00:00.000Z",
          "value": "2.4.68 released"
        }
      ],
      "title": "Apache HTTP Server: Stack Buffer Over-Read in mod_ssl OCSP `send_request`",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2026-44185",
    "datePublished": "2026-06-08T15:22:11.809Z",
    "dateReserved": "2026-05-05T14:42:10.681Z",
    "dateUpdated": "2026-06-08T22:32:30.948Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-44186 (GCVE-0-2026-44186)

Vulnerability from cvelistv5 – Published: 2026-06-08 15:11 – Updated: 2026-06-09 12:20

Title

Apache HTTP Server: Loop in `proxy_ftp_handler` in mod_proxy_ftp

Summary

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in the mod_proxy_ftp module in Apache HTTP Server with an attacker controlled backend FTP server. This issue affects undefined: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue.

Severity

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Assigner

apache

References

2 references

URL	Tags
https://httpd.apache.org/security/vulnerabilities…	vendor-advisory
http://www.openwall.com/lists/oss-security/2026/0…

Impacted products

1 product

Vendor	Product	Version
Apache Software Foundation	Apache HTTP Server	Affected: 2.4.0 , ≤ 2.4.67 (semver)

Credits

Zhenpeng (Leo) Lin at depthfirst

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2026-06-08T22:32:32.111Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/06/08/13"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 7.3,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-44186",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-09T12:20:03.384693Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-09T12:20:10.986Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache HTTP Server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "2.4.67",
              "status": "affected",
              "version": "2.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Zhenpeng (Leo) Lin at depthfirst"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eLoop with Unreachable Exit Condition (\u0027Infinite Loop\u0027) vulnerability in the mod_proxy_ftp module in Apache HTTP Server with an attacker controlled backend FTP server.\u003c/p\u003e\u003cp\u003eThis issue affects undefined: from 2.4.0 through 2.4.67.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 2.4.68, which fixes the issue.\u003c/p\u003e"
            }
          ],
          "value": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027) vulnerability in the mod_proxy_ftp module in Apache HTTP Server with an attacker controlled backend FTP server.\n\nThis issue affects undefined: from 2.4.0 through 2.4.67.\n\nUsers are recommended to upgrade to version 2.4.68, which fixes the issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-835",
              "description": "CWE-835 Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-08T15:11:12.743Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2026-04-27T12:00:00.000Z",
          "value": "reported"
        },
        {
          "lang": "en",
          "time": "2026-06-05T12:00:00.000Z",
          "value": "fixed in 2.4.x by r1935004"
        },
        {
          "lang": "eng",
          "time": "2026-06-08T12:00:00.000Z",
          "value": "2.4.68 released"
        }
      ],
      "title": "Apache HTTP Server: Loop in `proxy_ftp_handler` in mod_proxy_ftp",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2026-44186",
    "datePublished": "2026-06-08T15:11:12.743Z",
    "dateReserved": "2026-05-05T15:00:32.613Z",
    "dateUpdated": "2026-06-09T12:20:10.986Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2026-1824

CVE-2026-29167 (GCVE-0-2026-29167)

CVE-2026-29170 (GCVE-0-2026-29170)

CVE-2026-34355 (GCVE-0-2026-34355)

CVE-2026-34356 (GCVE-0-2026-34356)

CVE-2026-42535 (GCVE-0-2026-42535)

CVE-2026-42536 (GCVE-0-2026-42536)

CVE-2026-43951 (GCVE-0-2026-43951)

CVE-2026-44119 (GCVE-0-2026-44119)

CVE-2026-44185 (GCVE-0-2026-44185)

CVE-2026-44186 (GCVE-0-2026-44186)

Tags

Sightings

Nomenclature