CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-33523

HTTP response splitting vulnerability in multiple Apache HTTP Server modules with untrusted or compromised backend servers. This issue affects Apache HTTP Server: from through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue.

Exploit prediction scoring system (EPSS) score

CVSS Severity

CVSS v3 Score 6.5

References

Products affected by CVE-2026-33523

Apache » Http Server » Version: 2.4.0

cpe:2.3:a:apache:http_server:2.4.0
Apache » Http Server » Version: 2.4.1

cpe:2.3:a:apache:http_server:2.4.1
Apache » Http Server » Version: 2.4.10

cpe:2.3:a:apache:http_server:2.4.10
Apache » Http Server » Version: 2.4.11

cpe:2.3:a:apache:http_server:2.4.11
Apache » Http Server » Version: 2.4.12

cpe:2.3:a:apache:http_server:2.4.12
Apache » Http Server » Version: 2.4.13

cpe:2.3:a:apache:http_server:2.4.13
Apache » Http Server » Version: 2.4.14

cpe:2.3:a:apache:http_server:2.4.14
Apache » Http Server » Version: 2.4.15

cpe:2.3:a:apache:http_server:2.4.15
Apache » Http Server » Version: 2.4.16

cpe:2.3:a:apache:http_server:2.4.16
Apache » Http Server » Version: 2.4.17

cpe:2.3:a:apache:http_server:2.4.17
Apache » Http Server » Version: 2.4.18

cpe:2.3:a:apache:http_server:2.4.18
Apache » Http Server » Version: 2.4.19

cpe:2.3:a:apache:http_server:2.4.19
Apache » Http Server » Version: 2.4.2

cpe:2.3:a:apache:http_server:2.4.2
Apache » Http Server » Version: 2.4.20

cpe:2.3:a:apache:http_server:2.4.20
Apache » Http Server » Version: 2.4.21

cpe:2.3:a:apache:http_server:2.4.21
Apache » Http Server » Version: 2.4.22

cpe:2.3:a:apache:http_server:2.4.22
Apache » Http Server » Version: 2.4.23

cpe:2.3:a:apache:http_server:2.4.23
Apache » Http Server » Version: 2.4.24

cpe:2.3:a:apache:http_server:2.4.24
Apache » Http Server » Version: 2.4.25

cpe:2.3:a:apache:http_server:2.4.25
Apache » Http Server » Version: 2.4.26

cpe:2.3:a:apache:http_server:2.4.26
Apache » Http Server » Version: 2.4.27

cpe:2.3:a:apache:http_server:2.4.27
Apache » Http Server » Version: 2.4.28

cpe:2.3:a:apache:http_server:2.4.28
Apache » Http Server » Version: 2.4.29

cpe:2.3:a:apache:http_server:2.4.29
Apache » Http Server » Version: 2.4.3

cpe:2.3:a:apache:http_server:2.4.3
Apache » Http Server » Version: 2.4.30

cpe:2.3:a:apache:http_server:2.4.30
Apache » Http Server » Version: 2.4.31

cpe:2.3:a:apache:http_server:2.4.31
Apache » Http Server » Version: 2.4.32

cpe:2.3:a:apache:http_server:2.4.32
Apache » Http Server » Version: 2.4.33

cpe:2.3:a:apache:http_server:2.4.33
Apache » Http Server » Version: 2.4.34

cpe:2.3:a:apache:http_server:2.4.34
Apache » Http Server » Version: 2.4.35

cpe:2.3:a:apache:http_server:2.4.35
Apache » Http Server » Version: 2.4.36

cpe:2.3:a:apache:http_server:2.4.36
Apache » Http Server » Version: 2.4.37

cpe:2.3:a:apache:http_server:2.4.37
Apache » Http Server » Version: 2.4.38

cpe:2.3:a:apache:http_server:2.4.38
Apache » Http Server » Version: 2.4.39

cpe:2.3:a:apache:http_server:2.4.39
Apache » Http Server » Version: 2.4.4

cpe:2.3:a:apache:http_server:2.4.4
Apache » Http Server » Version: 2.4.40

cpe:2.3:a:apache:http_server:2.4.40
Apache » Http Server » Version: 2.4.41

cpe:2.3:a:apache:http_server:2.4.41
Apache » Http Server » Version: 2.4.42

cpe:2.3:a:apache:http_server:2.4.42
Apache » Http Server » Version: 2.4.43

cpe:2.3:a:apache:http_server:2.4.43
Apache » Http Server » Version: 2.4.44

cpe:2.3:a:apache:http_server:2.4.44
Apache » Http Server » Version: 2.4.45

cpe:2.3:a:apache:http_server:2.4.45
Apache » Http Server » Version: 2.4.46

cpe:2.3:a:apache:http_server:2.4.46
Apache » Http Server » Version: 2.4.47

cpe:2.3:a:apache:http_server:2.4.47
Apache » Http Server » Version: 2.4.48

cpe:2.3:a:apache:http_server:2.4.48
Apache » Http Server » Version: 2.4.49

cpe:2.3:a:apache:http_server:2.4.49
Apache » Http Server » Version: 2.4.5

cpe:2.3:a:apache:http_server:2.4.5
Apache » Http Server » Version: 2.4.50

cpe:2.3:a:apache:http_server:2.4.50
Apache » Http Server » Version: 2.4.51

cpe:2.3:a:apache:http_server:2.4.51
Apache » Http Server » Version: 2.4.52

cpe:2.3:a:apache:http_server:2.4.52
Apache » Http Server » Version: 2.4.53

cpe:2.3:a:apache:http_server:2.4.53
Apache » Http Server » Version: 2.4.54

cpe:2.3:a:apache:http_server:2.4.54
Apache » Http Server » Version: 2.4.55

cpe:2.3:a:apache:http_server:2.4.55
Apache » Http Server » Version: 2.4.56

cpe:2.3:a:apache:http_server:2.4.56
Apache » Http Server » Version: 2.4.57

cpe:2.3:a:apache:http_server:2.4.57
Apache » Http Server » Version: 2.4.58

cpe:2.3:a:apache:http_server:2.4.58
Apache » Http Server » Version: 2.4.59

cpe:2.3:a:apache:http_server:2.4.59
Apache » Http Server » Version: 2.4.6

cpe:2.3:a:apache:http_server:2.4.6
Apache » Http Server » Version: 2.4.60

cpe:2.3:a:apache:http_server:2.4.60
Apache » Http Server » Version: 2.4.61

cpe:2.3:a:apache:http_server:2.4.61
Apache » Http Server » Version: 2.4.62

cpe:2.3:a:apache:http_server:2.4.62
Apache » Http Server » Version: 2.4.63

cpe:2.3:a:apache:http_server:2.4.63
Apache » Http Server » Version: 2.4.64

cpe:2.3:a:apache:http_server:2.4.64
Apache » Http Server » Version: 2.4.65

cpe:2.3:a:apache:http_server:2.4.65
Apache » Http Server » Version: 2.4.66

cpe:2.3:a:apache:http_server:2.4.66
Apache » Http Server » Version: 2.4.7

cpe:2.3:a:apache:http_server:2.4.7
Apache » Http Server » Version: 2.4.8

cpe:2.3:a:apache:http_server:2.4.8
Apache » Http Server » Version: 2.4.9

cpe:2.3:a:apache:http_server:2.4.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-33523

Products

Pricing

Contact Us