WebDAV Path Handling Vulnerability in Apache Web Server
CVE-2026-42535
9.1CRITICAL
What is CVE-2026-42535?
A path handling vulnerability exists in the mod_dav_fs module of Apache Web Server versions prior to 2.4.68. This flaw permits a WebDAV content author to directly manipulate trusted DAV property databases, which could lead to instability, including potential crashes of child processes. It is strongly advised that users upgrade to version 2.4.68 to mitigate these risks.
Affected Version(s)
Apache HTTP Server 0 <= 2.4.67