Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
Apache HTTP Server Unauthenticated Remote Code Execution
BELL-CVE-2026-42257
Summary
The Apache HTTP Server is affected by a vulnerability that allows attackers to execute arbitrary code on a server without needing a password. This could allow unauthorized access to sensitive data or system compromise. Update the Apache HTTP Server to the latest version to fix this issue.
What to do
- Update bellsoft ruby-net-imap to version 0.5.14-r0.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Alpaquita:25 | bellsoft | ruby-net-imap |
>= 0.5.8-r0, < 0.5.14-r0 Fix: upgrade to 0.5.14-r0
|
| Alpaquita:stream | bellsoft | ruby-net-imap |
>= 0.4.8-r0, < 0.5.14-r0 Fix: upgrade to 0.5.14-r0
|
Original title
BELL-CVE-2026-42257
osv CVSS3.1
9.8
- https://docs.bell-sw.com/security/cves/CVE-2026-42257 Vendor Advisory
Published: 13 May 2026 · Updated: 22 May 2026 · First seen: 22 May 2026