Apache HTTP Server is a technology platform tracked across 13 threat clusters and 23 intelligence report mentions on ThreatCluster. First observed December 11, 2025; most recent activity June 25, 2026.
Hewlett Packard Enterprise (HPE) has addressed a critical vulnerability in its OneView software, identified as CVE-2025-37164, which allows attackers to execute arbitrary code remotely without authentication. This flaw…
The Apache Software Foundation has issued an urgent security update for the Apache HTTP Server to address a severe vulnerability tracked as CVE-2026-23918, published on 2026-05-04. This flaw allows attackers to execute…
PTC Inc. has disclosed a critical vulnerability, CVE-2026-4681, in its Windchill and FlexPLM software that allows for remote code execution through the deserialization of trusted data. The vulnerability has been…
Oracle Linux 9 has issued two important advisories addressing critical vulnerabilities in the Apache HTTP Server. The first advisory (ELSA-2026-21391) details multiple CVEs, including CVE-2026-28780, which allows…
A severe vulnerability known as BadHost (CVE-2026-48710) has been identified in the Starlette framework, affecting millions of AI applications, including those built on FastAPI. This flaw allows unauthenticated…
The HTTP/2 Bomb is a newly discovered denial-of-service (DoS) attack that targets default configurations of major web servers, including NGINX, Apache, Microsoft IIS, Envoy, and Cloudflare Pingora. This attack,…
Four vulnerabilities affecting the Apache HTTP Server have been disclosed, including source code disclosures and denial-of-service (DoS) issues. The vulnerabilities, identified as CVE-2024-39884, CVE-2024-40725,…
Fedora has issued a critical security update for the Apache HTTP Server, addressing severe vulnerabilities identified as CVE-2025-58098. The update, version 2.4.66, was released on December 9, 2025, and affects users of…
A critical vulnerability (CVE-2026-21962) has been identified in Oracle HTTP Server and WebLogic Server Proxy Plug-in, allowing unauthenticated attackers to create, delete, or modify critical data. Oracle has released…
AISLE has launched Snapshot, an on-premises AI vulnerability scanner designed for regulated enterprises. This tool allows organizations to maintain control over their source code and security data while scanning for…