Apache HTTP Server: Rejecting Malicious PUT Requests Can Be Tricky

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Apache HTTP Server: Rejecting Malicious PUT Requests Can Be Tricky

CVE-2026-27037

Summary

The Apache HTTP Server can have trouble rejecting malicious PUT requests, which could allow attackers to upload unauthorized files. This issue is important because it could let hackers take control of your website or web application. To protect yourself, update your Apache HTTP Server to the latest version as soon as possible.

Original title

Rejected reason: Not used

Original description

Rejected reason: Not used

Published: 18 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026