[Security Vulnerability Alert] Apache HTTP Server contains high-risk security vulnerabilities (CVE-2026-23918, CVE-2026-29167, and CVE-2026-44631). Please confirm and patch them as soon as possible.

[Security Vulnerability Alert] Apache HTTP Server contains high-risk security vulnerabilities (CVE-2026-23918, CVE-2026-29167, and CVE-2026-44631). Please confirm and patch them as soon as possible.

2026/6/30 ～ 2026/12/30

View Count：39

Forward National Information Sharing and Analysis Center Information Security Alert NISAC-200-202606-00000013

[Description]
Researchers have discovered that Apache HTTP Server contains three high-risk security vulnerabilities (CVE-2026-23918、CVE-2026-29167 and CVE-2026-44631), including Double Free, Use After Free, and Buffer Overflow vulnerabilities. The most severe case may allow an authenticated remote attacker to execute arbitrary code. Please promptly confirm and perform patching.

[Affected Platform]
Apache HTTP Server 2.4.66
Apache HTTP Server 2.4.0 to 2.4.67

[Recommended Measures]
The official has released fix updates for the vulnerabilities. Please refer to the official instructions for updates. The URL is as follows: https://httpd.apache.org/security/vulnerabilities_24.html

[References]
https://httpd.apache.org/security/vulnerabilities_24.html
https://nvd.nist.gov/vuln/detail/CVE-2026-23918
https://nvd.nist.gov/vuln/detail/CVE-2026-29167
https://nvd.nist.gov/vuln/detail/CVE-2026-44631

[Security Vulnerability Alert] Apache HTTP Server contains high-risk security vulnerabilities (CVE-2026-23918, CVE-2026-29167, and CVE-2026-44631). Please confirm and patch them as soon as possible.

2026/6/30 ～ 2026/12/30

View Count：39

Files

None

【Back】