Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
Apache HTTP Server Unauthenticated Remote Code Execution
BELL-CVE-2026-43501
Summary
Apache HTTP Server versions 2.4.52 and earlier have a vulnerability that allows attackers to execute arbitrary code on a server without needing a password. This could allow hackers to take control of the server or steal sensitive information. To protect yourself, you should update to the latest version of Apache HTTP Server.
What to do
- Update bellsoft linux-lts to version 6.12.87-r0.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Alpaquita:23 | bellsoft | linux-lts | >= 6.1.170-r0 |
| Alpaquita:25 | bellsoft | linux-lts |
>= 6.12.85-r0, < 6.12.87-r0 Fix: upgrade to 6.12.87-r0
|
| Alpaquita:stream | bellsoft | linux-lts |
>= 6.12.85-r0, < 6.12.87-r0 Fix: upgrade to 6.12.87-r0
|
Original title
BELL-CVE-2026-43501
- https://docs.bell-sw.com/security/cves/CVE-2026-43501 Vendor Advisory
Published: 22 May 2026 · Updated: 1 Jun 2026 · First seen: 22 May 2026