{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-44119", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2026-05-05T11:34:53.172Z", "datePublished": "2026-06-08T15:17:31.939Z", "dateUpdated": "2026-06-09T11:57:10.824Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Apache HTTP Server", "vendor": "Apache Software Foundation", "versions": [{"lessThanOrEqual": "2.4.67", "status": "affected", "version": "2.4.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Lucian Nitescu"}, {"lang": "en", "type": "finder", "value": "as3617 (@real_as3617) at ENKI Whitehat"}, {"lang": "en", "type": "finder", "value": "Zhang San"}, {"lang": "en", "type": "finder", "value": "Martin Petr\u00e1k"}, {"lang": "en", "type": "finder", "value": "joaovicdev"}, {"lang": "en", "type": "finder", "value": "Rooting | Lucas Torres"}, {"lang": "en", "type": "finder", "value": "R4mbb of KRsecurity"}, {"lang": "en", "type": "finder", "value": "gggggggga@Xiaomi ShadowBlade Security Lab"}, {"lang": "en", "type": "finder", "value": "NikKrian of H3C Security Center(h3c.com)"}, {"lang": "en", "type": "finder", "value": "lokerxx"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user.</p><p>This issue affects Apache HTTP Server: from through 2.4.67.</p><p>Users are recommended to upgrade to version 2.4.68, which fixes the issue.</p>"}], "value": "Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user.\n\nThis issue affects Apache HTTP Server: from through 2.4.67.\n\nUsers are recommended to upgrade to version 2.4.68, which fixes the issue."}], "metrics": [{"other": {"content": {"text": "moderate"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2026-06-08T15:17:31.939Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://httpd.apache.org/security/vulnerabilities_24.html"}], "source": {"discovery": "UNKNOWN"}, "timeline": [{"lang": "en", "time": "2026-05-05T12:00:00.000Z", "value": "reported"}, {"lang": "en", "time": "2026-06-05T12:00:00.000Z", "value": "fixed in 2.4.x by r1935017"}, {"lang": "eng", "time": "2026-06-08T12:00:00.000Z", "value": "2.4.68 released"}], "title": "Apache HTTP Server: escalation of privilege through expressions in .htaccess in multiple modules", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2026/06/08/11"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-06-08T22:32:29.788Z"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-06-09T11:57:06.913774Z", "id": "CVE-2026-44119", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-09T11:57:10.824Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-44119", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-06-09T11:57:06.913774Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2026-06-09T11:56:44.983Z"}}], "cna": {"title": "Apache HTTP Server: escalation of privilege through expressions in .htaccess in multiple modules", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Lucian Nitescu"}, {"lang": "en", "type": "finder", "value": "as3617 (@real_as3617) at ENKI Whitehat"}, {"lang": "en", "type": "finder", "value": "Zhang San"}, {"lang": "en", "type": "finder", "value": "Martin Petr\u00e1k"}, {"lang": "en", "type": "finder", "value": "joaovicdev"}, {"lang": "en", "type": "finder", "value": "Rooting | Lucas Torres"}, {"lang": "en", "type": "finder", "value": "R4mbb of KRsecurity"}, {"lang": "en", "type": "finder", "value": "gggggggga@Xiaomi ShadowBlade Security Lab"}, {"lang": "en", "type": "finder", "value": "NikKrian of H3C Security Center(h3c.com)"}, {"lang": "en", "type": "finder", "value": "lokerxx"}], "metrics": [{"other": {"type": "Textual description of severity", "content": {"text": "moderate"}}}], "affected": [{"vendor": "Apache Software Foundation", "product": "Apache HTTP Server", "versions": [{"status": "affected", "version": "2.4.0", "versionType": "semver", "lessThanOrEqual": "2.4.67"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2026-05-05T12:00:00.000Z", "value": "reported"}, {"lang": "en", "time": "2026-06-05T12:00:00.000Z", "value": "fixed in 2.4.x by r1935017"}, {"lang": "eng", "time": "2026-06-08T12:00:00.000Z", "value": "2.4.68 released"}], "references": [{"url": "https://httpd.apache.org/security/vulnerabilities_24.html", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user.\n\nThis issue affects Apache HTTP Server: from through 2.4.67.\n\nUsers are recommended to upgrade to version 2.4.68, which fixes the issue.", "supportingMedia": [{"type": "text/html", "value": "<p>Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user.</p><p>This issue affects Apache HTTP Server: from through 2.4.67.</p><p>Users are recommended to upgrade to version 2.4.68, which fixes the issue.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2026-06-08T15:17:31.939Z"}}}, "cveMetadata": {"cveId": "CVE-2026-44119", "state": "PUBLISHED", "dateUpdated": "2026-06-08T22:32:29.788Z", "dateReserved": "2026-05-05T11:34:53.172Z", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "datePublished": "2026-06-08T15:17:31.939Z", "assignerShortName": "apache"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "03F07E89-F9BF-4913-8250-F79447AA6EBD", "versionEndExcluding": "2.4.68", "versionStartIncluding": "2.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user.\n\nThis issue affects Apache HTTP Server: from through 2.4.67.\n\nUsers are recommended to upgrade to version 2.4.68, which fixes the issue."}], "id": "CVE-2026-44119", "lastModified": "2026-06-11T04:01:09.907", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-06-08T16:16:40.203", "references": [{"source": "security@apache.org", "tags": ["Vendor Advisory"], "url": "https://httpd.apache.org/security/vulnerabilities_24.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2026/06/08/11"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "security@apache.org", "type": "Secondary"}]}

{"bugzilla": {"description": "httpd: Apache HTTP Server: Local .htaccess authors can read files with httpd user privileges", "id": "2486416", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486416"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "status": "draft"}, "cwe": "CWE-266", "details": ["Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user.\nThis issue affects Apache HTTP Server: from through 2.4.67.\nUsers are recommended to upgrade to version 2.4.68, which fixes the issue.", "A flaw was found in Apache HTTP Server. This improper privilege management vulnerability allows local .htaccess authors to read files with the privileges of the httpd user. This could lead to unauthorized information disclosure."], "name": "CVE-2026-44119", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "httpd", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Fix deferred", "package_name": "httpd", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "httpd", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "httpd", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "httpd", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:hummingbird:1", "fix_state": "Affected", "package_name": "httpd", "product_name": "Red Hat Hardened Images"}], "public_date": "2026-06-08T15:17:31Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-44119\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-44119\nhttps://httpd.apache.org/security/vulnerabilities_24.html"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[2.4.0,2.4.67]"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Apache HTTP Server", "source": "cna", "vendor": "Apache Software Foundation"}, "product": "http_server", "vendor": "apache"}], "created": "2026-06-08T16:30:06.603677+00:00", "updated": "2026-06-13T02:00:08.430912+00:00", "vendors": ["apache", "apache$PRODUCT$http_server"]}