CVE-2026-29167

NONE

—CVSS v3

—CVSS v2

— EPSS (exploit probability)

CWE-416CWE

Description

Use After Free vulnerability in Apache HTTP Server with mod_ldap in per-directory configuration

This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.

Users are recommended to upgrade to version 2.4.68, which fixes the issue.

Affected routers (0)

No routers currently mapped to this CVE in our database.

External references

NIST NVD
MITRE CVE