
ModSecurity Flaws Let Attackers Bypass WAF Rules and Request-Body Inspection
Two newly disclosed vulnerabilities in ModSecurity, the widely deployed open-source Web Application Firewall (WAF) engine, could allow attackers to bypass detection rules entirely. Both flaws affect ModSecurity versions up to 3.0.15 and are fixed in the newly released 3.0.16. Critical ModSecurity Flaws The first issue, tracked as CVE-2026-52761 (CVSS 3.1: 5.3, Moderate), lies in the […]
The post ModSecurity Flaws Let Attackers Bypass WAF Rules and Request-Body Inspection appeared first on Cyber Security News.