Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Apache HTTP Server Remote Code Execution through mod_lua
MINI-f6m9-25h9-27m2
Summary
Apache's mod_lua module allows remote attackers to execute code on a server, potentially leading to unauthorized access and data theft. This issue affects Apache HTTP Server versions prior to 2.4.52. To protect your server, update to the latest version or apply a patch, and ensure mod_lua is not enabled unless necessary.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | kibana-9.1 | All versions | – |
| – | kibana-9.1-advanced | All versions | – |
| – | kibana-9.1-config | All versions | – |
| – | kibana-9.1-oci-entrypoint | All versions | – |
Original title
MINI-f6m9-25h9-27m2
Published: 16 Mar 2026 · Updated: 16 Mar 2026 · First seen: 16 Mar 2026