High severity7.5NVD Advisory· Published May 4, 2026· Updated May 4, 2026
CVE-2026-34059
CVE-2026-34059
Description
Buffer Over-read vulnerability in Apache HTTP Server.
This issue affects Apache HTTP Server: through 2.4.66.
Users are recommended to upgrade to version 2.4.67, which fixes the issue.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.openwall.com/lists/oss-security/2026/05/04/17nvdMailing ListThird Party Advisory
- httpd.apache.org/security/vulnerabilities_24.htmlnvdVendor Advisory
News mentions
1- Patch Tuesday - May 2026Rapid7 Blog · May 13, 2026