Vulnerability Database>CVE-2026-42536

CVE-2026-42536

Publish date: June 9, 2026
Severity
High
CVSS score
7.5
Package
apache2
Affected versions
>= 2.4.67-1~deb13u2

CVE Description: Heap-based buffer overflow vulnerability in Apache HTTP Server with mod_xml2enc, xml2StartParse, and untrusted content. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue.

NVD Record:

References:

Related CVEs: