Uncontrolled Resource Consumption Vulnerability in Apache Traffic Server by Apache
CVE-2026-59173

Currently unrated

Key Information:

Vendor

Apache

Vendor
CVE Published:
18 July 2026

What is CVE-2026-59173?

An uncontrolled resource consumption vulnerability exists in Apache Traffic Server, impacting versions from 9.0.0 through 9.1.13 and from 10.0.0 through 10.1.2. This flaw can potentially allow attackers to exhaust system resources, leading to service disruption. Users are advised to upgrade to versions 9.1.14 or 10.1.3 to mitigate this vulnerability. For more details, refer to the Apache security advisory.

Affected Version(s)

Apache Traffic Server 9.0.0 <= 9.2.13

Apache Traffic Server 10.0.0 <= 10.1.2

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Okta Red Team
.