Apache HTTP Server Exposes Sensitive Information to Web Clients

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

2.3

Apache HTTP Server Exposes Sensitive Information to Web Clients

CVE-2026-1696

Summary

Some Apache HTTP Server responses lack security headers, potentially allowing hackers to steal sensitive data. This can happen when users visit the website or interact with it, putting user data at risk. To fix this, ensure the web server is configured to send the required security headers with every response.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
arcinformatique	pcvue	> 12.0.0 , <= 15.2.13	–
arcinformatique	pcvue	> 16.0.0 , <= 16.3.4	–

Original title

Some HTTP security headers are not properly set by the web server when sending responses to the client application.

Original description

Some HTTP security headers are not properly set by the web server when sending responses to the client application.

nvd CVSS4.0 2.3

Vulnerability type

CWE-79 Cross-site Scripting (XSS)

https://www.pcvue.com/security/#SB2026-2

Published: 26 Feb 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026