Skip to main content

Apache HTTP Server EUVDEUVD-2026-26963

| CVE-2026-33007 MEDIUM
NULL Pointer Dereference (CWE-476)
2026-05-04 apache
5.3
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.3 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
SUSE
MEDIUM
qualitative
Red Hat
5.3 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
Low

Lifecycle Timeline

5
Analysis Generated
May 04, 2026 - 17:15 vuln.today
CVSS changed
May 04, 2026 - 16:22 NVD
5.3 (MEDIUM)
EUVD ID Assigned
May 04, 2026 - 15:00 euvd
EUVD-2026-26963
Analysis Generated
May 04, 2026 - 15:00 vuln.today
CVE Published
May 04, 2026 - 14:41 nvd
MEDIUM 5.3

DescriptionCVE.org

A NULL pointer dereference in the mod_authn_socache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration.

Users are recommended to upgrade to version 2.4.67, which fixes this issue.

AnalysisAI

Null pointer dereference in mod_authn_socache in Apache HTTP Server 2.4.66 and earlier allows unauthenticated remote attackers to crash child processes in caching forward proxy configurations, resulting in denial of service. The vulnerability has CVSS 5.3 (medium) with network accessibility and no authentication required, but is limited to partial availability impact affecting only specific proxy deployments. Vendor-released patch: version 2.4.67.

Technical ContextAI

mod_authn_socache is an Apache HTTP Server module that provides authentication caching using socache (shared object cache). The vulnerability stems from a NULL pointer dereference (CWE-476) in this module's code path when handling authentication requests in a caching forward proxy configuration. When the module attempts to dereference a pointer that has not been properly initialized or validated, it causes the child process to crash. This affects the mod_authn_socache-specific code path and requires the forward proxy caching feature to be enabled, making it configuration-dependent rather than a universal server vulnerability.

RemediationAI

Upgrade to Apache HTTP Server 2.4.67 or later immediately - this is the definitive fix provided by the vendor. For organizations unable to upgrade immediately, disable mod_authn_socache if not actively used for authentication caching, or disable forward proxy functionality if the caching feature is not critical to operations. If both features are required for business purposes, implement network-level access controls to restrict untrusted traffic to the proxy service, limiting who can send crafted requests that trigger the NULL pointer dereference. This compensating control reduces attack surface but does not eliminate the vulnerability if internal users or compromised systems have proxy access. See vendor advisory at https://httpd.apache.org/security/vulnerabilities_24.html for additional details and upgrade instructions.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Module for Basesystem 15 SP7 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP7 Fixed
SUSE Linux Enterprise Module for Server Applications 15 SP7 Fixed

Share

EUVD-2026-26963 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy