CVE Catalog
CVE-2026-42535
CriticalCVSS 9.1Exploitation Probability (EPSS)
Low risk0.02%
5th percentile — higher than 5% of all known CVEs
Summary
A path handling issue in mod_dav_fs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes.
Risk Assessment
Organizations may experience process crashes, which can affect the availability of WebDAV-based services.
Recommendation
Users are recommended to upgrade to version 2.4.68, which fixes this issue.
Original NVD description (English source)
A path handling issue in mod_dav_fs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes. Users are recommended to upgrade to version 2.4.68, which fixes this issue.

