Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Apache HTTP Server Unauthenticated Remote Code Execution Vulnerability
BELL-CVE-2026-23438
Summary
Apache's HTTP Server software has a critical security flaw that can be exploited by attackers to run malicious code on a server without needing a password. This means that if your website or web application uses Apache, you may be at risk of having your server compromised. You should update your Apache software to the latest version to fix this vulnerability.
What to do
- Update bellsoft linux-lts to version 6.1.167-r0.
- Update bellsoft linux-lts to version 6.12.80-r0.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Alpaquita:23 | bellsoft | linux-lts |
>= 6.1.164-r0, < 6.1.167-r0 Fix: upgrade to 6.1.167-r0
|
| Alpaquita:25 | bellsoft | linux-lts |
>= 6.12.74-r0, < 6.12.80-r0 Fix: upgrade to 6.12.80-r0
|
| Alpaquita:stream | bellsoft | linux-lts |
>= 6.12.76-r0, < 6.12.80-r0 Fix: upgrade to 6.12.80-r0
|
Original title
BELL-CVE-2026-23438
- https://docs.bell-sw.com/security/cves/CVE-2026-23438 Vendor Advisory
Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026