CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

GithubExploit•added 2026/06/13 4:5 a.m.•78 views

Exploit for Memory Allocation with Excessive Size Value in Apache Http_Server

http2-bomb-detector HTTP/2 Bomb CVE-2026-49975 Non-destru...

7.5CVSS5.6AI score0.10352EPSS

Exploits7

Tenable Nessus•added 2026/06/08 12:0 a.m.•74 views

Apache 2.4.x < 2.4.68 Multiple Vulnerabilities

The version of Apache httpd installed on the remote host is prior to 2.4.68. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.68 advisory. - CVE-2026-49975, also known as HTTP/2 Bomb, is a remote denial-of-service exploit against most major web servers, including:...

9.8CVSS5.4AI score0.10352EPSS

Exploits7References13

ATTACKERKB•added 2026/06/06 9:14 a.m.•9 views

CVE-2026-10725

Protocol::HTTP2 versions through 1.12 for Perl is vulnerable to a HTTP/2 Bomb. Protocol::HTTP2's inbound HPACK path has no header-list size limit, so a small HTTP/2 request can expand into large server memory the "HTTP/2 bomb". The headersdecode method materialises a full key+value copy per index...

5.7AI score0.00414EPSS

Exploits0References4

CVE•added 2026/06/06 9:14 a.m.•61 views

CVE-2026-10725

Protocol::HTTP2 for Perl (versions up to 1.12) is vulnerable to an HTTP/2 Bomb. The inbound HPACK path lacks a header-list size limit; headers_decode materialises a full key+value copy per indexed reference with no running size check, and stream_header_block_add appends every CONTINUATION frame u...

7.5CVSS5.7AI score0.00414EPSS

Exploits0References6Affected Software1

GithubExploit•added 2026/06/04 6:22 a.m.•604 views

Exploit for CVE-2026-49975

CVE-2026-49975 — HTTP/2 Bomb PoC !CVEhttps://img.shields...

5.8AI score0.10352EPSS

Exploits7

Rows per page