CVE-2026-49975
- EPSS 11.47%
- Veröffentlicht 08.06.2026 15:26:04
- Zuletzt bearbeitet 09.07.2026 13:17:24
Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service via malicious HTTP requests. This issue affects Apache HTTP Server: from 2.4.17 through 2.4.67.
CVE-2026-48913
- EPSS 0.48%
- Veröffentlicht 08.06.2026 15:24:52
- Zuletzt bearbeitet 10.06.2026 19:31:10
Use After Free vulnerability in Apache HTTP Server module mod_http2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.67.
CVE-2026-42536
- EPSS 0.71%
- Veröffentlicht 08.06.2026 15:23:46
- Zuletzt bearbeitet 02.07.2026 12:17:17
Heap-based Buffer Overflow vulnerability in Apache HTTP Server with mod_xml2enc, xml2StartParse, and untrusted content This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes...
CVE-2026-44185
- EPSS 0.6%
- Veröffentlicht 08.06.2026 15:22:11
- Zuletzt bearbeitet 02.07.2026 12:17:21
Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes ...
CVE-2026-34355
- EPSS 0.81%
- Veröffentlicht 08.06.2026 15:20:30
- Zuletzt bearbeitet 02.07.2026 12:17:09
A buffer overflow in mod_proxy_html in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend. Users are recommended to upgrade to version 2.4.68, which fixes this issue.
CVE-2026-44631
- EPSS 0.49%
- Veröffentlicht 08.06.2026 15:19:23
- Zuletzt bearbeitet 11.06.2026 04:01:49
Buffer Underwrite vulnerability in Apache HTTP Server on crafted regular expressions in the configuration. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue.
CVE-2026-44119
- EPSS 0.17%
- Veröffentlicht 08.06.2026 15:17:31
- Zuletzt bearbeitet 11.06.2026 04:01:09
Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. This issue affects Apache HTTP Server: from through 2.4.67. Users are recommend...
CVE-2026-43951
- EPSS 0.53%
- Veröffentlicht 08.06.2026 15:16:14
- Zuletzt bearbeitet 11.06.2026 04:00:11
Out-of-bounds Read vulnerability in Apache HTTP Server with mod_headers and mod_mime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.
CVE-2026-42535
- EPSS 0.54%
- Veröffentlicht 08.06.2026 15:14:49
- Zuletzt bearbeitet 09.06.2026 16:00:53
A path handling issue in mod_dav_fs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes. Users are recommended to upgrade to version 2.4.68, whi...
CVE-2026-34356
- EPSS 0.68%
- Veröffentlicht 08.06.2026 15:12:21
- Zuletzt bearbeitet 09.06.2026 16:17:19
Heap-based Buffer Overflow vulnerability in Apache HTTP Server with malicious backend servers and ProxyPassReverseCookie* This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fi...