FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

modsecurity3 -- multiple vulnerabilities

Affected packages
		modsecurity3	<	3.0.15

Details

VuXML ID	3c02dcfd-47d7-11f1-99fb-3497f65b111b
Discovery	2026-04-28
Entry	2026-05-04

ModSecurity is an open source web application firewall engine.

According to the upstream changelog, multiple vulnerabilities have been fixed.

CVE-2026-42268: unsigned integer underflow in verify operators
CVE-2026-30923: buffer overflow in hex_decode

References

CVE Name	CVE-2026-30923
CVE Name	CVE-2026-42268
URL	https://github.com/owasp-modsecurity/ModSecurity/blob/v3.0.15/CHANGES

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.