High severity7.5NVD Advisory· Published May 5, 2026· Updated May 7, 2026
CVE-2026-30923
CVE-2026-30923
Description
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. Libmodsecurity is one component of the ModSecurity v3 project. A segmentation fault occurs when a rule using the t:hexDecode transformation inspects a query string parameter containing a single character. An attacker can exploit this to crash worker processes, causing a denial of service. Service resumes once the attack stops as worker processes recover from the segfault. All versions before 3.0.15 of libModSecurity3 are affected. This has been patched in version 3.0.15.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:owasp:modsecurity:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:owasp:modsecurity:*:*:*:*:*:*:*:*range: <3.0.15
- (no CPE)range: <3.0.15
- osv-coords3 versionspkg:bitnami/modsecuritypkg:bitnami/modsecurity2pkg:rpm/opensuse/modsecurity&distro=openSUSE%20Tumbleweed
>= 3.0.0, < 3.0.15+ 2 more
- (no CPE)range: >= 3.0.0, < 3.0.15
- (no CPE)range: < 3.0.15
- (no CPE)range: < 3.0.15-1.1
Patches
Vulnerability mechanics
References
2- github.com/owasp-modsecurity/ModSecurity/releases/tag/v3.0.15nvdPatchProduct
- github.com/owasp-modsecurity/ModSecurity/security/advisories/GHSA-qrjc-3jpc-3h2gnvdExploitVendor Advisory
News mentions
0No linked articles in our index yet.