Api.Msrc.Microsoft
Multiple CVEs Disclosed for Apache HTTP Server Vulnerabilities
First seen 18 Feb 2026, 11:17 UTC
•
•79% similarity
•65.0
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
Four vulnerabilities affecting the Apache HTTP Server have been disclosed, including source code disclosures and denial-of-service (DoS) issues. The vulnerabilities, identified as CVE-2024-39884, CVE-2024-40725, CVE-2024-27316, and CVE-2024-36387, impact configurations using AddType and HTTP/2 features. Organizations using affected versions of Apache HTTP Server should assess their systems for these vulnerabilities.
ThreatCluster AI
Timeline
2024-04-04
CVE-2024-27316 published
2024-04-09
First public PoC for CVE-2024-27316
2024-07-01
CVE-2024-36387 published
2024-07-04
CVE-2024-39884 published
2024-07-18
CVE-2024-40725 published
2024-07-19
First public PoC for CVE-2024-40725
2026-02-18
Information published about all four CVEs