Skip to main content

Apache HTTP Server EUVDEUVD-2026-35093

| CVE-2026-43951 MEDIUM
Out-of-bounds Read (CWE-125)
2026-06-08 apache GHSA-4qxr-h6g3-8f95
6.5
CVSS 3.1 · Vendor: apache
Share

Severity by source

Vendor (apache) PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
SUSE
MEDIUM
qualitative
Red Hat
6.5 MEDIUM
qualitative

Primary rating from Vendor (apache).

CVSS VectorVendor: apache

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

4
Analysis Generated
Jun 08, 2026 - 19:31 vuln.today
CVSS changed
Jun 08, 2026 - 19:22 NVD
6.5 (MEDIUM)
CVE Published
Jun 08, 2026 - 15:16 nvd
MEDIUM 6.5
CVE Published
Jun 08, 2026 - 15:16 nvd
UNKNOWN (no severity yet)

DescriptionCVE.org

Out-of-bounds Read vulnerability in Apache HTTP Server with mod_headers and mod_mime and multiple response languages.

This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.

AnalysisAI

Out-of-bounds read in Apache HTTP Server 2.4.0 through 2.4.67 arises from an interaction between mod_headers, mod_mime, and multi-language content negotiation, allowing unauthenticated remote attackers to trigger memory reads beyond allocated buffer boundaries. The CVSS vector (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) confirms low-complexity, unauthenticated network exploitation yielding limited confidentiality and integrity impact with no availability consequence. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Send crafted HTTP request with language negotiation headers
Exploit
Target Apache instance with mod_headers and mod_mime and MultiViews enabled
Execution
Trigger out-of-bounds read during multi-language response construction
Impact
Receive leaked memory contents in HTTP response

Vulnerability AssessmentAI

Exploitation Exploitation requires Apache HTTP Server versions 2.4.0-2.4.67 with three conditions simultaneously present: mod_headers loaded, mod_mime loaded, and multi-language content negotiation active (typically via the MultiViews option or mod_negotiation with multiple language-variant files in the served directory). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 6.5 Medium score is consistent with the limited impact profile: C:L and I:L indicate partial data disclosure and minor integrity effects, while A:N rules out denial of service. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An unauthenticated remote attacker sends a crafted HTTP request with manipulated Accept-Language or content-negotiation headers to an Apache instance with mod_headers and mod_mime enabled alongside multi-language content negotiation. The malformed interaction triggers an out-of-bounds read during response construction, potentially leaking fragments of server process memory - such as heap metadata, partial request data, or environment values - in the HTTP response. …
Remediation Consult the Apache HTTP Server security advisory at https://httpd.apache.org/security/vulnerabilities_24.html for the confirmed patched release - an exact fix version was not independently confirmed in the available intelligence data, so the advisory should be the authoritative source before upgrading. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Module for Basesystem 15 SP7 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP7 Fixed
SUSE Linux Enterprise Module for Server Applications 15 SP7 Fixed

Share

EUVD-2026-35093 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy