289 matches found

NVD
added 6 days ago | 5 views

CVE-2026-10642

The Zephyr PL011 UART driver (drivers/serial/uart_pl011.c) contains an unbounded software loop in pl011_irq_tx_enable that repeatedly invokes the interrupt-driven application callback while the TX interrupt mask bit PL011_IMSC_TXIM is set, to work around the controller's level-transition TX-interrupt...

CVSS 6.5 | EPSS 0.00175
Exploits: 0 | References: 2

CVE
added 6 days ago | 8 views

CVE-2026-10642

The CVE-2026-10642 issue affects the Zephyr PL011 UART driver (drivers/serial/uart_pl011.c) where pl011_irq_tx_enable() can spin in an unbounded loop when CTS hardware flow control is enabled and CTS is de-asserted by the peer. This causes the TX interrupt to remain masked and the controller to s...

CVSS 6.5 | AI score 5.9 | EPSS 0.00175
Exploits: 0 | References: 2

Cvelist
added 6 days ago | 18 views

CVE-2026-10642 Unbounded TX busy-loop DoS in Zephyr PL011 UART driver under CTS hardware flow control

The Zephyr PL011 UART driver (drivers/serial/uart_pl011.c) contains an unbounded software loop in pl011_irq_tx_enable that repeatedly invokes the interrupt-driven application callback while the TX interrupt mask bit PL011_IMSC_TXIM is set, to work around the controller's level-transition TX-interrupt...

CVSS 6.5 | EPSS 0.00175
Exploits: 0 | References: 2

RedHat Linux
added 2026/06/22 3:18 p.m. | 7 views

httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack

A flaw was found in HTTP/2, affecting various web servers. A remote attacker can exploit this vulnerability by combining an HPACK compression bomb with a zero-byte flow-control window. This technique allows a small amount of data to expand into large memory allocations on the server, which are th...

CVSS 7.5 | AI score 5.9 | EPSS 0.0985
Exploits: 7 | References: 6

RedHat Linux
added 2026/06/22 3:13 p.m. | 5 views

httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack

A flaw was found in HTTP/2, affecting various web servers. A remote attacker can exploit this vulnerability by combining an HPACK compression bomb with a zero-byte flow-control window. This technique allows a small amount of data to expand into large memory allocations on the server, which are th...

CVSS 7.5 | AI score 5.9 | EPSS 0.0985
Exploits: 7 | References: 6

AstraLinux
added 2026/06/19 11:10 a.m. | 4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: CGX: fix bitmap leaks. The RX/TX flow-control bitmaps rx_fc_pfvf_bmap and tx_fc_pfvf_bmap are allocated by cgx_lmac_init, but never freed in cgx_lmac_exit. Unbinding and rebinding the driver therefore triggers a kmemleak:...

CVSS 5.5 | AI score 5.7 | EPSS 0.00128
Exploits: 0 | References: 1

AstraLinux
added 2026/06/19 11:10 a.m. | 6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: Guard flow control updates with global_tx_fc in buffer switching. The function mvpp2_bm_switch_buffers calls mvpp2_bm_pool_update_priv_fc when switching between per-cpu and shared buffer pool modes. This function programs the CM3 flow...

CVSS 5.5 | AI score 6.2 | EPSS 0.00123
Exploits: 0 | References: 1

GithubExploit
added 2026/06/13 5:5 p.m. | 126 views

Exploit for Memory Allocation with Excessive Size Value in Apache Http_Server

CVE-2026-49975 HTTP/2 Bomb Complete Reproduction Guide Bas...

CVSS 7.5 | AI score 5.5 | EPSS 0.0985
Exploits: 7

NVD
added 2026/06/12 4:16 p.m. | 39 views

CVE-2026-48043

Netty is a network application framework for development of protocol servers and clients. In netty-codec-http2 prior to versions 4.1.135.Final and 4.2.15.Final, the DelegatingDecompressorFrameListener class orchestrates HTTP/2 decompression by embedding a per-stream EmbeddedChannel that runs the...

CVSS 7.5 | EPSS 0.00426
Exploits: 0 | References: 9

Cvelist
added 2026/06/12 2:39 p.m. | 26 views

CVE-2026-48043 netty-codec-http2: ByteBuf Reference-Count Leak in DelegatingDecompressorFrameListener Leads to Memory Exhaustion

Netty is a network application framework for development of protocol servers and clients. In netty-codec-http2 prior to versions 4.1.135.Final and 4.2.15.Final, the DelegatingDecompressorFrameListener class orchestrates HTTP/2 decompression by embedding a per-stream EmbeddedChannel that runs the...

CVSS 5.3 | EPSS 0.00426
Exploits: 0 | References: 3

Packet Storm
added 2026/06/12 12:0 a.m. | 61 views

HTTP/2 Multi-Server HPACK Exhaustion

This code implements a multi-target HTTP/2 resource exhaustion framework designed to stress or overwhelm server implementations through protocol-level amplification techniques. It includes server-specific payload generation for multiple platforms, automated connection orchestration, stream scalin...

AI score 5.4
Exploits: 0

OSV
added 2026/06/11 1:28 p.m. | 6 views

GHSA-C2GF-V879-257J netty-codec-http2: ByteBuf Reference-Count Leak in DelegatingDecompressorFrameListener Leads to Memory Exhaustion

Impact: The DelegatingDecompressorFrameListener class orchestrates HTTP/2 decompression by embedding a per-stream EmbeddedChannel that runs the appropriate decompression codec (gzip, deflate, zstd) and forwards decompressed chunks to a wrapped listener. Each decompressed chunk is a pooled ByteBuf...

CVSS 5.3 | AI score 5.5 | EPSS 0.00426
Exploits: 0 | References: 5

Github Security Blog
added 2026/06/11 1:28 p.m. | 10 views

netty-codec-http2: ByteBuf Reference-Count Leak in DelegatingDecompressorFrameListener Leads to Memory Exhaustion

Impact: The DelegatingDecompressorFrameListener class orchestrates HTTP/2 decompression by embedding a per-stream EmbeddedChannel that runs the appropriate decompression codec (gzip, deflate, zstd) and forwards decompressed chunks to a wrapped listener. Each decompressed chunk is a pooled ByteBuf...

CVSS 7.5 | AI score 5.5 | EPSS 0.00426
Exploits: 0 | References: 5 | Affected Software: 1

RedHat Linux
added 2026/06/11 10:46 a.m. | 16 views

httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack

A flaw was found in HTTP/2, affecting various web servers. A remote attacker can exploit this vulnerability by combining an HPACK compression bomb with a zero-byte flow-control window. This technique allows a small amount of data to expand into large memory allocations on the server, which are th...

CVSS 7.5 | AI score 5.5 | EPSS 0.0985
Exploits: 7 | References: 6

RedHat Linux
added 2026/06/10 4:54 p.m. | 16 views

httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack

A flaw was found in HTTP/2, affecting various web servers. A remote attacker can exploit this vulnerability by combining an HPACK compression bomb with a zero-byte flow-control window. This technique allows a small amount of data to expand into large memory allocations on the server, which are th...

CVSS 7.5 | AI score 5.5 | EPSS 0.0985
Exploits: 7 | References: 6

Imperva Blog
added 2026/06/04 3:43 p.m. | 12 views

Imperva Customers Protected Against CVE-2026-49975 (HTTP/2 Bomb) DoS

TL;DR: CVE-2026-49975, dubbed the “HTTP/2 Bomb,” is a critical remote Denial-of-Service (DoS) vulnerability affecting default HTTP/2 configurations of major web servers including NGINX, Apache HTTPD, Microsoft IIS, Envoy, and Cloudflare Pingora. Discovered by security firm Calif using OpenAI’s Code...

CVSS 7.5 | AI score 5.6 | EPSS 0.0985
Exploits: 7

GithubExploit
added 2026/06/04 6:22 a.m. | 634 views

Exploit for CVE-2026-49975

CVE-2026-49975 — HTTP/2 Bomb PoC ...

AI score 5.8 | EPSS 0.0985
Exploits: 7

Positive Technologies
added 2026/05/27 12:0 a.m. | 13 views

PT-2026-45945

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.4.17 through 2.4.67; nginx (affected versions not specified). Description: A critical issue dubbed the HTTP/2 Bomb allows remote, unauthenticated attackers to cause a denial of service by exhausting server memory. In...

CVSS 7.5 | AI score 5.8 | EPSS 0.0985
Exploits: 7 | References: 110

SUSE CVE
added 2026/05/09 2:41 a.m. | 11 views

SUSE CVE-2026-43157

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: CGX: fix bitmap leaks. The RX/TX flow-control bitmaps rx_fc_pfvf_bmap and tx_fc_pfvf_bmap are allocated by cgx_lmac_init but never freed in cgx_lmac_exit. Unbinding and rebinding the driver therefore triggers kmemleak:...

AI score 5.7 | EPSS 0.00128
Exploits: 0 | References: 3

Packet Storm News
added 2026/05/09 12:0 a.m. | 25 views

MT-JailBench: A Modular Benchmark for Understanding Multi-Turn Jailbreak Attacks

Multi-turn jailbreaks exploit the ability of large language models to accumulate and act on conversational context. Instead of stating a harmful request directly, an attacker can gradually steer the conversation toward an unsafe answer. Recent methods demonstrate this risk, but they are usually...

AI score 5.7
Exploits: 0