Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Debian Linux: Unauthenticated Remote Code Execution in Apache2
DEBIAN-CVE-2026-34002
Summary
Debian Linux systems running Apache2 are at risk of a remote attack that could allow an attacker to execute arbitrary code. This means an attacker can potentially take control of a server without needing to log in. Users should update Apache2 to the latest version to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Debian:11 | debian | xorg-server | All versions |
| Debian:12 | debian | xorg-server | All versions |
| Debian:13 | debian | xorg-server | All versions |
| Debian:14 | debian | xorg-server | All versions |
| Debian:12 | debian | xwayland | All versions |
| Debian:13 | debian | xwayland | All versions |
| Debian:14 | debian | xwayland | All versions |
Original title
DEBIAN-CVE-2026-34002
- https://security-tracker.debian.org/tracker/CVE-2026-34002 Vendor Advisory
Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026