CVE-2026-54340
CVE-2026-54340 affects the h2o HTTP server (HTTP/2) and describes an HTTP/2 state amplification issue where HPACK decompression amplification combines with Slowloris-style stream stalling. Amplified decoded header state can be retained by stalled HTTP/2 streams; depending on configuration, additi...