Apache fixes critical HTTP/2 double-free flaw CVE-2026-23918 enabling RCE
Apache fixed several flaws in HTTP Server, including CVE-2026-23918 (CVSS score of 8.8), a double-free bug in HTTP/2 that could allow remote code execution. The Apache Software Foundation has released updates to fix multiple vulnerabilities in its HTTP Server, including CVE-2026-23918 (CVSS score of
ORIGINAL SOURCE →via Security Affairs
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] North Korean hackers targeted ethnic Koreans in China with Android ‘BirdCall’ malware
- [CYBER] Athena Cost Kill Switch: Automated IAM Credential Revocation with CloudWatch, EventBridge, and Lambda
- [CYBER] Microsoft Teams on Android Now Lets Users Join External Meetings Through SIP
- [CYBER] From Stuxnet to ChatGPT: 20 News Events That Shaped Cyber
- [CYBER] CyberSecurity Nightmares
- [CYBER] Türkiye aims for local, national protection in cyber space