【Vulnerability Alert】Apache HTTP Server Has High-Risk Security Vulnerabilities (CVE-2026-23918, CVE-2026-29167, and CVE-2026-44631). Please Confirm and Apply Patches as Soon as Possible.
Source: Ministry of education information & communication security contingency platform
"" "" ""
| Publication Number | TACERT-ANA-2026062903064848 | Publication Time | 2026-06-29 15:24:49 |
| Incident Type | ANA-Vulnerability Alert | Discovery Time | 2026-06-29 15:24:49 |
| Impact Level | Middle | ||
| [Subject] 【Vulnerability Alert】Apache HTTP Server Has High-Risk Security Vulnerabilities (CVE-2026-23918, CVE-2026-29167, and CVE-2026-44631). Please Confirm and Apply Patches as Soon as Possible. |
|||
| [Content]
Forwarded from the National Institute of Cyber Security Security Advisory NISAC-200-202606-00000013 Researchers have discovered that Apache HTTP Server has three high-risk security vulnerabilities (CVE-2026-23918, CVE-2026-29167, and CVE-2026-44631). The types include Double Free, Use After Free, and Buffer Overflow vulnerabilities. The most severe vulnerability may allow an authenticated remote attacker to execute arbitrary code. Please confirm and apply patches as soon as possible. Information Sharing Level: WHITE (the intelligence content is information that may be publicly disclosed) |
|||
| [Affected Platform]
Apache HTTP Server 2.4.66 Apache HTTP Server versions 2.4.0 to 2.4.67 |
|||
|
[Recommended Actions] The official source has released fix updates for the vulnerabilities. Please refer to the official instructions to perform the update. The URL is as follows: |
|||
|
[Reference] 1. https://httpd.apache.org/security/vulnerabilities_24.html |
|||
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw





