Apache · Apache Http Server · CVE-2026-24072
**Name of the Vulnerable Software and Affected Versions**
Apache HTTP versions prior to 2.4.67
**Description**
An escalation of privilege bug exists in various modules, including `mod rewrite` via `ap expr`, which allows local .htaccess authors to read files using the privileges of the httpd user.
**Recommendations**
Upgrade to version 2.4.67.