CVE Catalog
CVE-2026-34355
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk0.69%
48th percentile - higher than 48% of all known CVEs
Summary
A buffer overflow in mod_proxy_html in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend.
Risk Assessment
An attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service, compromising server confidentiality and availability.
Recommendation
Upgrade Apache HTTP Server to version 2.4.68 immediately, which fixes this issue.
Original NVD description (English source)
A buffer overflow in mod_proxy_html in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend. Users are recommended to upgrade to version 2.4.68, which fixes this issue.

