Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Apache HTTP Server Allows Unauthorized File Access via Malicious URLs
BELL-CVE-2026-23426
Summary
The Apache HTTP Server is vulnerable to a bug that could allow attackers to access files on the server without permission. This could happen if an attacker sends a specially crafted URL to the server. To protect your server, ensure you're running the latest version of the Apache HTTP Server and review your file permissions to prevent unauthorized access.
What to do
- Update bellsoft linux-lts to version 6.1.167-r0.
- Update bellsoft linux-lts to version 6.12.80-r0.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Alpaquita:23 | bellsoft | linux-lts |
>= 6.1.164-r0, < 6.1.167-r0 Fix: upgrade to 6.1.167-r0
|
| Alpaquita:25 | bellsoft | linux-lts |
>= 6.12.74-r0, < 6.12.80-r0 Fix: upgrade to 6.12.80-r0
|
| Alpaquita:stream | bellsoft | linux-lts |
>= 6.12.76-r0, < 6.12.80-r0 Fix: upgrade to 6.12.80-r0
|
Original title
BELL-CVE-2026-23426
- https://docs.bell-sw.com/security/cves/CVE-2026-23426 Vendor Advisory
Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026