Skip to main content

Apache HTTP Server EUVDEUVD-2026-35097

| CVE-2026-34355 HIGH
Heap-based Buffer Overflow (CWE-122)
2026-06-08 apache GHSA-3qgf-pp84-379f
7.5
CVSS 3.1 · Vendor: apache
Share

Severity by source

Vendor (apache) PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
SUSE
6.5 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Red Hat
7.5 HIGH
qualitative

Primary rating from Vendor (apache).

CVSS VectorVendor: apache

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

4
Analysis Generated
Jun 08, 2026 - 19:25 vuln.today
CVSS changed
Jun 08, 2026 - 19:22 NVD
7.5 (HIGH)
CVE Published
Jun 08, 2026 - 15:20 nvd
HIGH 7.5
CVE Published
Jun 08, 2026 - 15:20 nvd
UNKNOWN (no severity yet)

DescriptionCVE.org

A buffer overflow in mod_proxy_html in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend. Users are recommended to upgrade to version 2.4.68, which fixes this issue.

AnalysisAI

Denial of service in Apache HTTP Server 2.4.0 through 2.4.67 stems from a heap buffer overflow in the mod_proxy_html output filter, where a malicious or compromised backend can return crafted HTML that corrupts memory in the proxying httpd worker. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N) reflects unauthenticated network exploitation with availability-only impact, and no public exploit was identified at time of analysis.

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Identify Apache reverse proxy with mod_proxy_html
Delivery
Gain control of or influence over upstream backend
Exploit
Return crafted HTML response
Execution
Trigger heap overflow in proxy_html filter
Persist
Crash httpd worker process
Impact
Denial of service for proxied vhost

Vulnerability AssessmentAI

Exploitation Apache HTTP Server 2.4.0-2.4.67 must be running with mod_proxy_html loaded and ProxyHTMLEnable active on the request path, configured as a reverse proxy (ProxyPass / ProxyPassReverse) to a backend that the attacker either controls outright or can influence into returning crafted HTML - the description names 'an untrusted backend' as the exploitation vector. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Signals are mixed and warrant context: CVSS 7.5 is driven entirely by A:H (availability), with C:N and I:N - so this is a crash/DoS-class bug, not RCE, despite CWE-122 being a memory-corruption class that can sometimes escalate. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who controls or compromises a backend application server sitting behind an Apache reverse proxy returns a crafted HTML response that triggers the heap overflow inside mod_proxy_html as Apache rewrites links in the body, causing the worker process to crash and resulting in denial of service for clients of that vhost. The same scenario applies when Apache is configured to proxy to a third-party origin the attacker can influence (e.g., a mashup gateway or a partner-hosted service). …
Remediation Vendor-released patch: Apache HTTP Server 2.4.68 - upgrade httpd to 2.4.68 or later, which the vendor states fixes this issue, per https://httpd.apache.org/security/vulnerabilities_24.html. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Audit all Apache HTTP Server instances to identify affected versions (2.4.0-2.4.67) and determine if mod_proxy_html filter is in active use. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Moderate
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Affected
SUSE Linux Enterprise High Performance Computing 15 SP7 Affected
SUSE Linux Enterprise Module for Basesystem 15 SP7 Affected
SUSE Linux Enterprise Module for Package Hub 15 SP7 Affected
SUSE Linux Enterprise Module for Server Applications 15 SP7 Affected

Share

EUVD-2026-35097 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy