Security Advisory: CVE-2026-49975 - High - Apache HTTP Server: mod_http2 denial of service

Severity: High (CVSS 7.5) Affected Systems: Apache Http Server; Debian Debian Linux; F5 Nginx Overview Apache HTTP Server: mod_http2 denial of service A high vulnerability identified as CVE-2026-49975 has been disclosed. Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service via ... Read More »

29th Jun 2026
Security Advisory: CVE-2026-48618 - High - Node.js TLS Wildcard Verification Bypass via Unicode Dot Separator

Severity: High (CVSS 7.7) Affected Systems: Nodejs Nodejs Overview Node.js TLS Wildcard Verification Bypass via Unicode Dot Separator A high vulnerability identified as CVE-2026-48618 has been disclosed. A flaw in Node.js TLS hostname handling can cause Node.js unicode dot separator handling can lead to tls wildcard-depth authentication bypass ... Read More »

26th Jun 2026
Security Advisory: CVE-2026-48933 - High - Node.js WebCrypto Subtle.encrypt Integer Overflow Crash

Severity: High (CVSS 7.5) Affected Systems: Nodejs Nodejs Overview Node.js WebCrypto Subtle.encrypt Integer Overflow Crash A high vulnerability identified as CVE-2026-48933 has been disclosed. A flaw in Node.js WebCrypto implementation can crash the process if the input of `subtle.encrypt()` is a multiple of 2GiB. This vulnerability affects ... Read More »

26th Jun 2026
Security Advisory: CVE-2026-23918 - High - Apache HTTP Server: http2: double free and possible RCE on early reset

Severity: High (CVSS 8.8) Affected Systems: Apache Http Server Overview Apache HTTP Server: http2: double free and possible RCE on early reset A high vulnerability identified as CVE-2026-23918 has been disclosed. Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol. This issue affects Apache HTTP Server: ... Read More »

21st Jun 2026
1 2 3