CVE-2026-30923 | OWASP ModSecurity up to 3.0.14 on Apache LibModSecurity t:hexDecode out-of-bounds (GHSA-qrjc-3jpc-3h2g)

A vulnerability was found in OWASP ModSecurity up to 3.0.14 on Apache. It has been declared as problematic. This affects the function t:hexDecode of the component LibModSecurity. Such manipulation leads to out-of-bounds read.

This vulnerability is referenced as CVE-2026-30923. It is possible to launch the attack remotely. No exploit is available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More