Apache · Apache Http Server · CVE-2026-33006
**Name of the Vulnerable Software and Affected Versions**
Apache HTTP Server version 2.4.66
**Description**
A timing attack against mod auth digest allows a remote attacker to bypass Digest authentication. A timing attack is a side-channel attack where the attacker attempts to compromise a system by analyzing the time it takes to execute specific algorithms or functions.
**Recommendations**
Upgrade to version 2.4.67.