CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2023-38709

highknown exploitedcovered by 2 sourcesfirst seen 2026-07-02
Actively exploited. CVE-2023-38709 is listed in the CISA Known Exploited Vulnerabilities catalog — exploitation has been observed in the wild, and US federal agencies are required to remediate it under BOD 22-01. Treat patching as urgent.
An attacker can exploit multiple vulnerabilities in Apache HTTP Server to carry out a Denial of Service attack, bypass security measures, disclose information, and manipulate files.

CSIRTS triage

What
Multiple vulnerabilities can be exploited by an attacker to carry out a Denial of Service attack, bypass security measures, disclose information, and manipulate files.
Who is affected
Deployments of Apache HTTP Server are affected.
Urgency
Remediation is high urgency due to the potential for severe impacts.
Action
Update to the latest version of Apache HTTP Server.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2023-38709

Get an email if CVE-2023-38709 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (2)

External references

NVD record for CVE-2023-38709

CVE.org record

CISA KEV catalog

Embed the live status

CVE-2023-38709 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2023-38709 status](https://www.csirts.com/badge/CVE-2023-38709)](https://www.csirts.com/cve/CVE-2023-38709)