CVE-2026-33006: A timing attack against mod_auth_digest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes this issue.
Verknuepfte CVEs
| CVE-ID | Severity (CVE.org) | CVSS (CVE.org) | EPSS | EPSS-% | Veroeffentlicht (CVE.org) |
|---|---|---|---|---|---|
| MEDIUM | 4.8 | - | - | 2026-05-04 |
Quellen-Details
| Bezeichnung | Name | Kategorie | Tags | Zielgruppe | Sprache | Feed-URL |
|---|---|---|---|---|---|---|
| Apache HTTP Server Security (httpd.org JSON) | vendor_advisory | webserver, httpd | - | de | https://httpd.apache.org/security/vulnerabilities-httpd.json |