Primary

Context

Apache HTTP Server mod_sed Out-of-Bounds Write Vulnerability Allowing Heap Memory Overwrite

Vulnerability

Patched

A vulnerability allowing out-of-bounds write has been identified in the mod_sed module of Apache HTTP Server. This issue allows an attacker to overwrite heap memory with potentially attacker-supplied data. The vulnerability affects Apache HTTP Server versions 2.4.52 and earlier.

Impact

Exploitation of this vulnerability leads to a heap-based buffer overflow, which can commonly be exploited to execute arbitrary code.

Remediation

Users are advised to upgrade to Apache HTTP Server version 2.4.53 or later, which addresses this vulnerability.

Added: May 15, 2026, 1:14 PM

Updated: May 15, 2026, 1:14 PM

Vulnerability Rating

Custom Algorithm

spread

9.4

impact

0.6

exploitability

8.3

remediation

7.7

relevance

0.0

threat

1.2

urgency

2.9

incentive

8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.4

impact

0.6

exploitability

8.3

remediation

7.7

relevance

0.0

threat

1.2

urgency

2.9

incentive

8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apache HTTP Server mod_sed Out-of-Bounds Write Vulnerability Allowing Heap Memory Overwrite

Vulnerability

Impact

Remediation

Affected Products

Apache HTTP Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating