CVE-2026-28780: CWE-122 Heap-based Buffer Overflow in Apache Software Foundation Apache HTTP Server
CVE-2026-28780 is a critical heap-based buffer overflow vulnerability in the mod_proxy_ajp module of Apache HTTP Server versions up to 2.4.66. A malicious AJP server can send a specially crafted message that causes mod_proxy_ajp to write 4 attacker-controlled bytes beyond the end of a heap buffer. This vulnerability can lead to a high-impact compromise affecting confidentiality, integrity, and availability. The issue is fixed in Apache HTTP Server version 2.4.67, and users are strongly advised to upgrade to this version to mitigate the risk.
AI Analysis
Technical Summary
This vulnerability (CVE-2026-28780) involves a heap-based buffer overflow in the mod_proxy_ajp module of Apache HTTP Server versions up to 2.4.66. An attacker controlling an AJP server can exploit this flaw by sending a crafted message that causes the module to overwrite 4 bytes beyond the allocated heap buffer boundary. This memory corruption can lead to severe impacts including full compromise of confidentiality, integrity, and availability of the affected server. The flaw is addressed in Apache HTTP Server 2.4.67, which contains the necessary fix to prevent this overflow.
Potential Impact
Successful exploitation allows an attacker controlling an AJP server to cause a heap buffer overflow in the mod_proxy_ajp module, potentially leading to arbitrary code execution or denial of service. The vulnerability impacts confidentiality, integrity, and availability of the Apache HTTP Server. Given the CVSS score of 9.8, the impact is critical.
Mitigation Recommendations
A fix is available in Apache HTTP Server version 2.4.67. Users should upgrade to this version promptly to mitigate the vulnerability. No other mitigation or temporary workaround is indicated in the provided data.
CVE-2026-28780: CWE-122 Heap-based Buffer Overflow in Apache Software Foundation Apache HTTP Server
Description
CVE-2026-28780 is a critical heap-based buffer overflow vulnerability in the mod_proxy_ajp module of Apache HTTP Server versions up to 2.4.66. A malicious AJP server can send a specially crafted message that causes mod_proxy_ajp to write 4 attacker-controlled bytes beyond the end of a heap buffer. This vulnerability can lead to a high-impact compromise affecting confidentiality, integrity, and availability. The issue is fixed in Apache HTTP Server version 2.4.67, and users are strongly advised to upgrade to this version to mitigate the risk.
CVSS v3.1
Score 9.8critical
Affected software
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability (CVE-2026-28780) involves a heap-based buffer overflow in the mod_proxy_ajp module of Apache HTTP Server versions up to 2.4.66. An attacker controlling an AJP server can exploit this flaw by sending a crafted message that causes the module to overwrite 4 bytes beyond the allocated heap buffer boundary. This memory corruption can lead to severe impacts including full compromise of confidentiality, integrity, and availability of the affected server. The flaw is addressed in Apache HTTP Server 2.4.67, which contains the necessary fix to prevent this overflow.
Potential Impact
Successful exploitation allows an attacker controlling an AJP server to cause a heap buffer overflow in the mod_proxy_ajp module, potentially leading to arbitrary code execution or denial of service. The vulnerability impacts confidentiality, integrity, and availability of the Apache HTTP Server. Given the CVSS score of 9.8, the impact is critical.
Mitigation Recommendations
A fix is available in Apache HTTP Server version 2.4.67. Users should upgrade to this version promptly to mitigate the vulnerability. No other mitigation or temporary workaround is indicated in the provided data.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- apache
- Date Reserved
- 2026-03-03T12:31:23.999Z
- Cvss Version
- null
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69fa665ccbff5d861029ec69
Added to database: 5/5/2026, 9:51:24 PM
Last enriched: 5/28/2026, 9:19:33 PM
Last updated: 6/20/2026, 8:40:38 AM
Views: 243
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.