Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
Apache HTTP Server Remote Code Execution in PHP
BELL-CVE-2026-43185
Summary
Apache HTTP Server's PHP module allows attackers to execute arbitrary code on the server, potentially leading to unauthorized data access or system compromise. This affects servers using the PHP module and exposes sensitive data to attackers. Update the Apache HTTP Server to the latest version to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Alpaquita:23 | bellsoft | linux-lts | >= 6.1.170-r0 |
| Alpaquita:25 | bellsoft | linux-lts | >= 6.12.85-r0 |
| Alpaquita:stream | bellsoft | linux-lts | >= 6.12.85-r0 |
Original title
BELL-CVE-2026-43185
osv CVSS3.1
9.8
- https://docs.bell-sw.com/security/cves/CVE-2026-43185 Vendor Advisory
Published: 9 May 2026 · Updated: 10 May 2026 · First seen: 10 May 2026