A vulnerability has been found in Apache HTTP Server up to 2.4.67 and classified as critical . This issue affects some unknown processing of the component mod_ldap . The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2026-29167 . The attack is possible to be carried out remotely. No exploit exists. The affected component should be upgraded.