CVE-2026-24072 in HTTP Serverinformação

Sumário

de MITRE • 04/05/2026

An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user.

Users are recommended to upgrade to version 2.4.67, which fixes this issue.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

Apache

Reservar

21/01/2026

Divulgação

04/05/2026

Moderação

aceite

Entrada

VDB-360960

CPE

pronto

CWE

CWE-269 (confirmado)

CVSS

3.3 (VulDB)

EPSS

0.00018

KEV

não

Atividades

muito baixo

Sector

Agriculture, Hospital, ...

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-24072
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-24072
CVE Details	https://www.cvedetails.com/cve/CVE-2026-24072/

◂ Voltar Visão Geral Próximo ▸

Do you know our Splunk app?

Download it now for free!