Http Server CVE Vulnerabilities

By Ibm8 known vulnerabilities

Also tracked as: apache/http-server
Critical
1
High
6
Medium
1
Low
0
None
0

All Http Server CVEs

Recent Highest Score Oldest
CVE-2026-9170
9.8 critical

IBM HTTP Server 8.5, and 9.0

May 26, 2026
CVE-2026-8856
7.7 high

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration.

May 26, 2026
CVE-2026-8855
8.1 high

IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in configurations with TLS mutual authentication (client authentication).

May 26, 2026
CVE-2026-8854
7.5 high

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_mem_cache.

May 26, 2026
CVE-2026-8835
7.3 high

IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service.

May 26, 2026
CVE-2026-8834
8.0 high

IBM HTTP Server 8.5, and 9.0 contains a buffer overflow vulnerability. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to execute remote code or cause a denial of service.

May 26, 2026
CVE-2026-8852
6.2 medium

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_fastcgi module.

May 26, 2026
CVE-2026-8850
7.5 high

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_ibm_upload.

May 26, 2026