Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Apache HTTP Server Improper Privilege Management Vulnerability (CVE-2026-44119)

Description

Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. This issue affects Apache HTTP Server: from through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue.

Remediation

References

Related Vulnerabilities

WordPress Plugin SrbTransLatin Multiple Vulnerabilities (1.46)

WordPress Plugin Easy Form Builder Arbitrary File Upload (1.0)

WordPress Plugin Responsive Menu-Create Mobile-Friendly Menu Multiple Vulnerabilities (3.1.3)

Moodle Uncontrolled Resource Consumption Vulnerability (CVE-2020-25630)

MongoDb Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-32036)

Severity

Medium

Classification

CVE-2026-44119 CWE-269 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities