Buffer Over-read Vulnerability in Apache HTTP Server by Apache
CVE-2026-44185
7.3HIGH
What is CVE-2026-44185?
A vulnerability exists in the Apache HTTP Server that can lead to a buffer over-read. This occurs when outbound OCSP requests are sent to an attacker-controlled OCSP server, potentially revealing sensitive information. It is crucial for users of affected versions, from 2.4.0 to 2.4.67, to upgrade to version 2.4.68 or later to mitigate this risk and safeguard their systems from exploitation.
Affected Version(s)
Apache HTTP Server 2.4.0 <= 2.4.67