Apache HTTP Server: escalation of privilege through expressions in .htaccess in multiple modules
Summary
| CVE | CVE-2026-44119 |
|---|---|
| State | PUBLISHED |
| Assigner | apache |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-06-08 16:16:40 UTC |
| Updated | 2026-06-11 04:01:09 UTC |
| Description | Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. This issue affects Apache HTTP Server: from through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue. |
Risk And Classification
Primary CVSS: v3.1 5.5 MEDIUM from ADP
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS: 0.001710000 probability, percentile 0.067210000 (date 2026-06-17)
Problem Types: CWE-269 | CWE-269 CWE-269 Improper Privilege Management
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.1 | ADP | DECLARED | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
| 3.1 | 134c704f-9b21-4f2e-91b3-4a467353bcc0 | Secondary | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
CVSS v3.1 Breakdown
Attack Vector
LocalAttack Complexity
LowPrivileges Required
LowUser Interaction
NoneScope
UnchangedConfidentiality
HighIntegrity
NoneAvailability
NoneCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Apache | Http Server | All | All | All | All |
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Apache Software Foundation | Apache HTTP Server | affected 2.4.0 2.4.67 semver | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| httpd.apache.org/security/vulnerabilities_24.html | [email protected] | httpd.apache.org | Vendor Advisory |
| www.openwall.com/lists/oss-security/2026/06/08/11 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List, Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
CNA: Lucian Nitescu (en)
CNA: as3617 (@real_as3617) at ENKI Whitehat (en)
CNA: Zhang San (en)
CNA: Martin Petrák (en)
CNA: joaovicdev (en)
CNA: Rooting | Lucas Torres (en)
CNA: R4mbb of KRsecurity (en)
CNA: gggggggga@Xiaomi ShadowBlade Security Lab (en)
CNA: NikKrian of H3C Security Center(h3c.com) (en)
CNA: lokerxx (en)
Additional Advisory Data
| Source | Time | Event |
|---|---|---|
| CNA | 2026-05-05T12:00:00.000Z | reported |
| CNA | 2026-06-05T12:00:00.000Z | fixed in 2.4.x by r1935017 |
| CNA | 2026-06-08T12:00:00.000Z | 2.4.68 released |
There are currently no legacy QID mappings associated with this CVE.