CVE-2026-28808: ScriptAlias CGI targets bypass directory auth in inets httpd (mod_auth vs mod_cgi path mismatch)
Overview
- Severity
- N/A
- Exploit Status
- Not Exploited
- Patch Tuesday
- 2026-Apr
- Released
- 2026-04-23
- EPSS Score
- 0.02% (percentile: 5.7%)
Affected Products (2)
Other
Revision History
- 2026-04-23: Information published.