ZDNet

Apache's new security update for HTTP Server fixes two flaws

The Apache Software Foundation has released an update to address a critical flaw in its hugely popular web server that allows remote attackers to take control of a vulnerable system. The first Apache ...
ZDNet

CISA releases advisory on five Apache HTTP server vulnerabilities affecting Cisco products

Cisco noted that one of the vulnerabilities in the mod_proxy module of Apache HTTP Server (httpd) could allow an unauthenticated, remote attacker to make the httpd server forward requests to an ...
Threat Post

Critical Apache HTTPD Server Bugs Could Lead to RCE, DoS

Don’t freak: It’s got nothing to do with Log4Shell, except it may be just as far-reaching as Log4j, given HTTPD’s tendency to tiptoe into software projects. Don’t duck at the latest mention of Apache: ...
Security Boulevard

Imperva Customers Protected Against CVE-2026-21962 in Oracle HTTP and WebLogic

CVE-2026-21962 is a critical (CVSS 10.0) vulnerability in the Oracle HTTP Server and the WebLogic Server Proxy Plug-in for Apache HTTP Server and Microsoft IIS. An unauthenticated attacker with HTTP ...
Bleeping Computer

QNAP asks users to mitigate critical Apache HTTP Server bugs

QNAP has asked customers to apply mitigation measures to block attempts to exploit Apache HTTP Server security vulnerabilities impacting their network-attached storage (NAS) devices. The flaws ...
Bleeping Computer

Apache emergency update fixes incomplete patch for exploited bug

Apache Software Foundation has released HTTP Web Server 2.4.51 after researchers discovered that a previous security update didn't correctly fix an actively exploited vulnerability. Apache HTTP Server ...
eWeek

Apache Patches Carpe Diem Vulnerability in Web Server Update

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. Apache HTTP Web Server users are being urged to update ...