CVE Vulnerabilities

CVE-2026-44186

Loop with Unreachable Exit Condition ('Infinite Loop')

Published: Jun 08, 2026 | Modified: Jun 17, 2026
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM
root.io logo minimus.io logo echo.ai logo

Loop with Unreachable Exit Condition (Infinite Loop) vulnerability in the mod_proxy_ftp module in Apache HTTP Server with an attacker controlled backend FTP server.

This issue affects undefined: from 2.4.0 through 2.4.67.

Users are recommended to upgrade to version 2.4.68, which fixes the issue.

Weakness

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Affected Software

NameVendorStart VersionEnd Version
Http_serverApache2.4.0 (including)2.4.68 (excluding)
Apache2Ubuntudevel*
Apache2Ubuntuupstream*

References