CVE-2026-43951

6.5 MEDIUM

Out-of-bounds Read vulnerability in Apache HTTP Server with mod_headers and mod_mime and multiple response languages

Published: 2026-06-08 · Last updated: 2026-06-11

Severity and scoring

CVSS: 6.5 MEDIUM
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CWE: CWE-125

Affected products

Vendor	Product
apache	http_server

Description

Out-of-bounds Read vulnerability in Apache HTTP Server with mod_headers and mod_mime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-43951
[Vendor advisory]https://httpd.apache.org/security/vulnerabilities_24.html
[Other]http://www.openwall.com/lists/oss-security/2026/06/08/10

Related CVEs

Same vendor

CVE-2026-34905 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Answer (6.5 MEDIUM)
CVE-2026-34031 — Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer (6.5 MEDIUM)
CVE-2026-33582 — Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer (6.5 MEDIUM)
CVE-2026-25699 — Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer (6.1 MEDIUM)
CVE-2026-25688 — Improper Neutralization of Alternate XSS Syntax vulnerability in Apache Answer (6.1 MEDIUM)

Same CWE

CVE-2026-47166 — ImageMagick is free and open-source software used for editing and manipulating digital images (5.7 MEDIUM)
CVE-2026-45624 — ImageMagick is free and open-source software used for editing and manipulating digital images (5.1 MEDIUM)
CVE-2026-45359 — ImageMagick is free and open-source software used for editing and manipulating digital images (5.7 MEDIUM)
CVE-2026-45358 — ImageMagick is free and open-source software used for editing and manipulating digital images (5.3 MEDIUM)
CVE-2026-42326 — ImageMagick is free and open-source software used for editing and manipulating digital images (5.1 MEDIUM)