Denial of Service Vulnerability in Libmodsecurity for Web Application Firewalls
CVE-2026-30923
8.2 HIGH
What is CVE-2026-30923?
Libmodsecurity, a key component of the ModSecurity project, is prone to a denial of service vulnerability. An attacker can trigger it when a rule that uses the t:hexDecode transformation inspects a query string consisting of a single character. The result is a segmentation fault that crashes worker processes. Service is restored once the attack ceases, because the workers recover automatically from the segmentation fault, but the issue still poses a significant risk to web applications that rely on this firewall technology. The issue affects all versions prior to 3.0.15; version 3.0.15 includes a crucial patch that mitigates this vulnerability.
Affected Version(s)
ModSecurity < 3.0.15
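To check exposure before upgrading, the following added example (not code from the ModSecurity project or this advisory) tests a version string against 3.0.15 and lists the SecRule directives in a rule file that apply t:hexDecode to query-string data. The function names, the list of query-string variables and the sample rules are assumptions made for the illustration.

```python
import re

# Assumption: standard ModSecurity variables that carry query-string data.
QUERY_VARS = {"ARGS", "ARGS_GET", "ARGS_NAMES", "ARGS_GET_NAMES",
              "QUERY_STRING", "REQUEST_URI", "REQUEST_URI_RAW", "REQUEST_LINE"}
FIXED = (3, 0, 15)  # first patched release named in the advisory

def is_affected(version):
    """True when a version string such as '3.0.14' is older than 3.0.15."""
    parts = tuple(int(p) for p in re.findall(r"\d+", version)[:3])
    return parts + (0,) * (3 - len(parts)) < FIXED

def logical_lines(text):
    """Join backslash-continued lines; yield (first_line_no, directive)."""
    buf, start = "", 0
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not buf:
            start = no
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        buf += line
        if buf and not buf.startswith("#"):
            yield start, buf
        buf = ""

def find_exposed_rules(text):
    """(line_no, variables) per SecRule running t:hexDecode on query-string data."""
    hits = []
    for no, directive in logical_lines(text):
        m = re.match(r"SecRule\s+(\S+)\s+(.*)", directive, re.S)
        if not m or not re.search(r"\bt:hexDecode\b", m.group(2), re.I):
            continue
        # Targets are pipe-separated; drop exclusions (!VAR) and selectors (VAR:key).
        names = {v.lstrip("&").split(":")[0].upper()
                 for v in m.group(1).split("|") if not v.startswith("!")}
        matched = sorted(names & QUERY_VARS)
        if matched:
            hits.append((no, matched))
    return hits

# Constructed sample rules, not taken from any real rule set.
SAMPLE = r'''
SecRule ARGS_GET|REQUEST_HEADERS "@rx foo" \
    "id:1001,phase:2,deny,t:none,t:hexDecode"
SecRule REQUEST_HEADERS:User-Agent "@rx bad" "id:1002,phase:1,deny,t:hexDecode"
SecRule QUERY_STRING "@rx baz" "id:1005,phase:1,deny,t:sqlHexDecode"
'''
```

The scan reads only each SecRule's own action list, so a transformation inherited from SecDefaultAction is not reported.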
