NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-24072

Summary	An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to version 2.4.67, which fixes this issue.
Publication Date	May 4, 2026, 10:16 p.m.
Registration Date	May 5, 2026, 4:06 a.m.
Last Update	May 5, 2026, 3:16 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://httpd.apache.org/security/vulnerabilities_24.html	security@apache.org
2	http://www.openwall.com/lists/oss-security/2026/05/04/18	af854a3a-2127-422b-91ae-364da2661108

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-269	不適切な権限管理	https://cwe.mitre.org/data/definitions/269.html