CVE-2026-34355

CVE-2026-34355: Apache HTTP Server: mod_proxy_html buffer overflow

Vendor Apache Software Foundation

Product Apache HTTP Server

Weakness CWE-122

Published June 8, 2026

Last update June 8, 2026

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

A buffer overflow in mod_proxy_html in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend. Users are recommended to upgrade to version 2.4.68, which fixes this issue.

Key dates

Disclosure timeline

June 8, 2026 CVE published

June 8, 2026 Record updated