{"vulnerability": "CVE-2026-2391", "sightings": [{"uuid": "60f6544f-e8cd-487c-a79b-89c3c6e6897a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2391", "type": "seen", "source": "https://gist.github.com/harupy/8205ee018b031d5a4991b34d2f42bed9", "content": "", "creation_timestamp": "2026-02-19T12:48:01.000000Z"}, {"uuid": "9af2a6b5-dcf7-4c91-8b78-a5658ef17b7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2391", "type": "seen", "source": "https://gist.github.com/alon710/c6963cc90ba7a2a5c311d6e3cd8e6558", "content": "", "creation_timestamp": "2026-02-12T17:40:24.000000Z"}, {"uuid": "fec581d5-ea41-4c2c-9a3c-2474400818a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3ml23ey76qf2z", "content": "\ud83d\udfe0 CVE-2026-23918 - High (8.8)\n\nDouble Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol.\n\nThis ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-23918/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-04T16:22:24.480065Z"}, {"uuid": "fc1192ca-f039-4085-9a5b-73c334ede5d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23919", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mhvcqd54ze2r", "content": "", "creation_timestamp": "2026-03-25T14:35:06.876641Z"}, {"uuid": "412277f4-d2ca-48f6-b880-681b2f191cbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://infosec.exchange/users/harrysintonen/statuses/116517446102524326", "content": "Several vulnerabilities in #Apache HTTP Server 2.4 have been fixed in release 2.4.67. The most severe of these are:\n- CVE-2026-23918: Apache HTTP Server: http2: double free and possible RCE on early reset\n- CVE-2026-24072: Apache HTTP Server: mod_rewrite elevation of privileges via ap_expr\n- CVE-2026-33006: Apache HTTP Server: mod_auth_digest timing attack\nhttps://httpd.apache.org/security/vulnerabilities_24.html\n#CVE_2026_23918 #CVE_2026_24072 #CVE_2026_33006 #infosec #cybersecurity", "creation_timestamp": "2026-05-04T17:18:52.927565Z"}, {"uuid": "71374c87-71f4-42dd-90f7-2dad8c556b5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3ml2ljesytc2o", "content": "Apache HTTP Server\u306e\u8106\u5f31\u6027(Important: CVE-2026-23918, Moderate: CVE-2026-24072, CVE-2026-33006, Low:\u8907\u6570)\u30682.4.67\u30ea\u30ea\u30fc\u30b9\n\n#sios_tech #security #vulnerability #\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 #\u8106\u5f31\u6027 #apache #struts\n\nsecurity.sios.jp/vulnerabilit...", "creation_timestamp": "2026-05-04T21:11:14.606959Z"}, {"uuid": "1ce6f8ad-1df6-467e-a1fa-81959c8c1e9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ml2a7f5yvr2e", "content": "CVE-2026-23918: Apache HTTP Server: http2: double free and possible RCE on early reset", "creation_timestamp": "2026-05-04T17:48:44.658063Z"}, {"uuid": "4f09d65c-4fec-45f2-9d4f-4eb473092d95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/securestep9.bsky.social/post/3ml45bb4yih24", "content": "#Apache HTTP Server Vulnerability CVE-2026-23918 Exposes Millions of Servers to Remote Code Execution Attacks.\nAnyone running Apache httpd version 2.4.66 or earlier are strongly urged to upgrade immediately!\n\n\ud83d\udc47", "creation_timestamp": "2026-05-05T12:01:29.862971Z"}, {"uuid": "302c819a-9dd1-4d78-872e-c69a2a9460a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/slackers.it/post/3ml2v2l43l42x", "content": "8/11\n\nhttps://www.cve.org/CVERecord?id=CVE-2026-28780\n    https://www.cve.org/CVERecord?id=CVE-2026-24072\n    https://www.cve.org/CVERecord?id=CVE-2026-23918\n  (* Security fix *)\nn/krb5-1.22.2-x86_64-2.txz:  Rebuilt.\n  Harden perms on /usr/bin/ksu.", "creation_timestamp": "2026-05-05T00:01:53.001722Z"}, {"uuid": "2fccdaee-3bd7-4567-b2df-257988b21652", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/hmier.bsky.social/post/3ml45f7nvfk2f", "content": "high risk CVE-2026-23918 in Apache HTTP Server HTTP/2 implementation.\n\ncc @levhita.net", "creation_timestamp": "2026-05-05T12:03:38.617483Z"}, {"uuid": "cd4313b1-90f1-4ad1-a1b1-af575257907f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3ml4fuvyyd22w", "content": "\ud83d\udd17 CVE : CVE-2026-23918, CVE-2026-24072, CVE-2026-28780, CVE-2026-29168, CVE-2026-29169, CVE-2026-33006, CVE-2026-33007, CVE-2026-33523, CVE-2026-33857, CVE-2026-34032, CVE-2026-34059", "creation_timestamp": "2026-05-05T14:35:36.033419Z"}, {"uuid": "972af01d-8151-4f89-a307-a7f1ffcb9034", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3ml3cthchsr2i", "content": "Critical Apache HTTP Server Flaw Exposes Millions of Servers to RCE Attacks: A Technical Deep Dive into CVE-2026-23918 +\u00a0Video\n\nIntroduction: A critical remote code execution (RCE) vulnerability, designated CVE-2026-23918 and rated High with a CVSS base score of 8.8, has been discovered in the\u2026", "creation_timestamp": "2026-05-05T04:08:26.721217Z"}, {"uuid": "e18f0032-9430-47f0-92e6-af4c76772daa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ml4n4zvkivu2", "content": "Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE The Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP...\n\n\nOrigin | Interest | Match", "creation_timestamp": "2026-05-05T16:46:28.377626Z"}, {"uuid": "233b72b5-dfd0-420f-9590-0278785d8f29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://t.me/GithubRedTeam/82941", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a cve-2026-23918\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a sibersan\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-05 15:56:29\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nPython tools to audit Apache HTTP Server for CVE-2026-23918 (HTTP/2 RCE) and four related CVEs. Passive and local scanners.   Read-only auditing toolkit for the May 2026 Apache HTTPD security advisory (CVE-2026-23918 and 4 others).\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-05T16:00:05.000000Z"}, {"uuid": "f272093b-8c99-45a5-99fe-84c7b6b8954e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/cybersecurity0001.bsky.social/post/3ml4o7mhv4h2z", "content": "Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE", "creation_timestamp": "2026-05-05T17:04:44.940295Z"}, {"uuid": "4b623ef3-45bc-429d-a838-92e7bbf37ac4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3ml4ohk3krx2b", "content": "Critical #Apache HTTP Server update released! Patch CVE-2026-23918 to prevent potential RCE attacks. Upgrade to version 2.4.67 now! #CyberSecurity #InfoSec #RCE Link: thedailytechfeed.com/critical-apa...", "creation_timestamp": "2026-05-05T17:09:10.577497Z"}, {"uuid": "b0fb3d40-2f37-461d-a183-a8ac8c4ba195", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/bitnami.bsky.social/post/3ml4itn3i4s2z", "content": "23 hours. That's how long it took Bitnami to go from a critical Apache RCE disclosure (CVE-2026-23918) to fully patched container images for Apache, WordPress, Drupal, Moodle, Matomo, and phpMyAdmin.\n\nHere's the full breakdown: community.broadcom.com/tanzu/blogs/...", "creation_timestamp": "2026-05-05T15:28:36.275046Z"}, {"uuid": "5a9af20a-e70a-4bfb-a369-9c4be7813888", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ml4pcbq5od2b", "content": "Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE", "creation_timestamp": "2026-05-05T17:24:07.945150Z"}, {"uuid": "1bf396e5-27cb-4c4c-b3fb-d33b7169bedc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/it4intserver.bsky.social/post/3ml4puiyibt2h", "content": "iT4iNT SERVER Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE VDS VPS Cloud #Apache #HTTP2 #CVE202623918 #CyberSecurity #RCE", "creation_timestamp": "2026-05-05T17:34:21.430904Z"}, {"uuid": "eb048eda-a7b9-485a-a31f-f817a25bc985", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://t.me/ctinow/249784", "content": "Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE\nhttps://ift.tt/zVb4ZwY", "creation_timestamp": "2026-05-05T16:49:29.000000Z"}, {"uuid": "28360498-b53c-4410-b062-ad4621ac2eb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://t.me/cibsecurity/89315", "content": "\ud83d\udd8b\ufe0f Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE \ud83d\udd8b\ufe0f\n\nThe Apache Software Foundation ASF has released security updates to address several security vulnerabilities in the HTTP Server, including a severe vulnerability that could potentially lead to remote code execution RCE. The vulnerability, tracked as CVE202623918 CVSS score 8.8, has been described as a case of \"double free and possible RCE\" in the HTTP2 protocol handling. This issue.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"The Hacker News\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2026-05-05T16:45:07.000000Z"}, {"uuid": "07f31542-5533-48bc-b9de-6d1aee369d9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3ml4rdb22vn2a", "content": "Apache HTTP Server patch 2.4.67 fixes a critical HTTP/2 double-free flaw (CVE-2026-23918) in mod_http2 allowing DoS and possible remote code execution via crafted HTTP/2 frames. #ApachePatch #HTTP2Bug #Poland", "creation_timestamp": "2026-05-05T18:00:28.115235Z"}, {"uuid": "c834df2d-2b7c-4f10-b537-8ae72e5e7030", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://thehackernews.com/2026/05/critical-apache-http2-flaw-cve-2026.html", "content": "The Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP Server, including a severe vulnerability that could potentially lead to remote code execution (RCE).\nThe vulnerability, tracked as CVE-2026-23918 (CVSS score: 8.8), has been described as a case of \"double free and possible RCE\" in the HTTP/2 protocol handling. This issue", "creation_timestamp": "2026-05-05T14:19:00.000000Z"}, {"uuid": "d77e179c-30e8-495a-a098-0ad7da56c5c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://infosec.exchange/users/patrickcmiller/statuses/116526030575901645", "content": "Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE https://thehackernews.com/2026/05/critical-apache-http2-flaw-cve-2026.html", "creation_timestamp": "2026-05-06T05:42:03.380884Z"}, {"uuid": "3f8a04c5-2e7d-4966-a393-5fdbb77a2e21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/apache-http-server-multiple-vulnerabilities_20260506", "content": "", "creation_timestamp": "2026-05-05T18:00:00.000000Z"}, {"uuid": "f0efb4ea-29b0-43aa-b6c9-0ef575ea4bfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://t.me/bdufstecru/3136", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 HTTP/2 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 Apache HTTP Server \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u043e\u0439 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e\u0433\u043e \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0438\u043b\u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438\n\nBDU:2026-06305\nCVE-2026-23918\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://httpd.apache.org/security/vulnerabilities_24.html\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n\u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u0440\u043e\u0442\u043a\u043e\u043b\u0430 HTTP/2 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u0442\u0440\u043e\u043a\u0438 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u043c \u0444\u0430\u0439\u043b\u0435 (httpd.conf) \u0438\u043b\u0438 \u0432\u043e \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u043c \u0432 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0442 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u043c \u0444\u0430\u0439\u043b\u0435.", "creation_timestamp": "2026-05-06T15:27:47.000000Z"}, {"uuid": "8e3183f3-a9d4-4491-a4a5-b3752a118070", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://t.me/TengkorakCyberCrewzz/10165", "content": "Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE \u2013 thehackernews.com\n\nWed, 06 May 2026 00:19:00", "creation_timestamp": "2026-05-05T20:03:10.000000Z"}, {"uuid": "0221a14a-1d08-45ba-be83-bd586c2aac6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/lu1tr0n.bsky.social/post/3ml56hjuczm2j", "content": "Apache HTTP Server 2.4.67 cierra 11 vulnerabilidades de mayo: el RCE en HTTP/2 ([CVE-2026-23918](https://nvd.nist.gov/vuln/detail/CVE-2026-23918)) que obliga a parchear hoy\n\n\nhttps://elsolitario.org/2026/05/05/apache-http-server-2-4-67-cierra-11-vulnerabilidades-de-mayo-el-rce-en-http-2-cv/?utm_s...", "creation_timestamp": "2026-05-05T21:55:30.243263Z"}, {"uuid": "a1e67579-b9e7-4fa4-b744-1fd801b9c59a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/lu1tr0n.bsky.social/post/3ml56kfmcd72x", "content": "Apache HTTP Server 2.4.67 cierra 11 vulnerabilidades de mayo: el RCE en HTTP/2 (CVE-2026-23918) que obliga a parchear hoy\n\n\nhttps://elsolitario.org/2026/05/05/apache-http-server-2-4-67-cierra-11-vulnerabilidades-de-mayo-el-rce-en-http-2-cv/?utm_source=bluesky&utm_medium=social&utm_campaign=progra...", "creation_timestamp": "2026-05-05T21:57:05.821137Z"}, {"uuid": "9676aa14-5cff-40e7-9621-8918fffac3f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://t.me/thehackernews/8941", "content": "\ud83d\udea8 Apache patches CVE-2026-23918 (CVSS 8.8) in HTTP Server 2.4.66.\n\nThe HTTP/2 double-free flaw can trigger DoS and potentially enable remote code execution via crafted requests. Fixed in 2.4.67.\n\nDetails here: https://thehackernews.com/2026/05/critical-apache-http2-flaw-cve-2026.html", "creation_timestamp": "2026-05-05T16:26:43.000000Z"}, {"uuid": "9fca98cd-0ded-44de-858a-fbab5de3dba8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/DJPRMF.mastodon.social.ap.brid.gy/post/3ml5bypqufhm2", "content": "Est\u00e1 a ser uns dias complicados para muitos... \ud83e\udee0\n\nhttps://support.cpanel.net/hc/en-us/articles/40229402602519-Security-CVE-2026-23918", "creation_timestamp": "2026-05-05T22:58:49.007494Z"}, {"uuid": "20716d79-855c-4c97-8443-fc43c61ed398", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3ml5nsllfhs2z", "content": "Top 3 CVE for last 7 days:\nCVE-2026-31431: 561 interactions\nCVE-2026-41940: 122 interactions\nCVE-2026-3854: 42 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-41940: 40 interactions\nCVE-2026-31431: 21 interactions\nCVE-2026-23918: 12 interactions\n", "creation_timestamp": "2026-05-06T02:30:17.202506Z"}, {"uuid": "eb3266d6-8357-42e3-a84b-a97153309f82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://infosec.exchange/users/harrysintonen/statuses/116527208469343364", "content": "#Debian stable #apache2 package 2.4.66-1~deb13u2 already includes the fix for CVE-2026-23918.\nYou an verify this by apt-source apache2and then checking out apache2-2.4.66/debian/patches/bug1125368.patch\nThe security tracker at https://security-tracker.debian.org/tracker/CVE-2026-23918 currently has wrong information. This is likely due to automation based on version numbers alone.\n#CVE_2026_23918", "creation_timestamp": "2026-05-06T10:41:35.024766Z"}, {"uuid": "23f16af1-56a3-4717-8d95-85e2b18bfa78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/it-connect.bsky.social/post/3ml6m25ln7m2l", "content": "\u26a0\ufe0f  Faille de s\u00e9curit\u00e9 Apache2\n\nUne nouvelle vuln\u00e9rabilit\u00e9 importante, identifi\u00e9e sous la r\u00e9f\u00e9rence CVE-2026-23918, a \u00e9t\u00e9 patch\u00e9e dans la derni\u00e8re version d'Apache2.\n\nPlus d'infos par ici \ud83d\udd3d \n- www.it-connect.fr/faille-apach...\n\n#apache #linux #webserver #infosec", "creation_timestamp": "2026-05-06T11:31:14.740938Z"}, {"uuid": "bc1363ca-ac5b-4311-9a77-6a0ef0b48d4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3ml6nhmzv4m2x", "content": "Apache HTTP Server Fix Release for Critical HTTP/2 Double-Free Vulnerability CVE-2026-23918 +\u00a0Video\n\nIntroduction A critical security flaw has been identified and patched in the Apache HTTP Server, one of the most widely used web server platforms in the world. The vulnerability, tracked as\u2026", "creation_timestamp": "2026-05-06T11:56:39.551655Z"}, {"uuid": "807bdc1f-0f55-44b0-85fb-eff8b076ae4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "Telegram/Xvu4gDVXcxvV1IVouigrSoHUInOyP30DE259UYWqVgND-YrA", "content": "", "creation_timestamp": "2026-05-06T11:20:05.000000Z"}, {"uuid": "23591acb-2c93-46ea-a4f3-4e848a6fa011", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://t.me/GithubRedTeam/83049", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a -CVE-2026-23918\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a seguridadentrerios\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-06 10:59:52\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n Apache HTTP Server http2\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-06T11:00:05.000000Z"}, {"uuid": "ac03892e-2eb6-45b4-84c4-7645de32d2ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://t.me/ctinow/249822", "content": "Apache fixes critical HTTP/2 double-free flaw CVE-2026-23918 enabling RCE\nhttps://ift.tt/UFkn06G", "creation_timestamp": "2026-05-06T11:09:03.000000Z"}, {"uuid": "0c8b9e6a-2213-49a7-ab06-68941dc06418", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/ninjaowl.ai/post/3ml6ojqdvsl2x", "content": "Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...", "creation_timestamp": "2026-05-06T12:15:43.959368Z"}, {"uuid": "79270e53-b9f7-450b-8e69-021a5d2abc5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/tychotithonus.infosec.exchange.ap.brid.gy/post/3ml6paounyt72", "content": "@Andres4NY Parent post updated, apparently CVE-2026-23918 was fixed much earlier?", "creation_timestamp": "2026-05-06T12:32:34.821340Z"}, {"uuid": "c27d670b-d537-4ce4-85e6-9f3db63449ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "Telegram/9fU2vzKMa2gcn-wKAyzn4AxPbX3PdbIrb-3vvNDymdxAcQ", "content": "", "creation_timestamp": "2026-05-05T17:14:44.000000Z"}, {"uuid": "51c5b0df-c039-490c-95bd-7fc7a819c6d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116527808438415469", "content": "\ud83d\udcf0 Critical RCE Flaw in Apache HTTP Server's HTTP/2 Module Patched\n\ud83d\udea8 CRITICAL APACHE FLAW: A double-free bug (CVE-2026-23918) in Apache HTTP Server's http2 module allows for DoS and potential RCE. A PoC exploit exists. Upgrade to version 2.4.67 immediately! #Apache #CyberSecurity #Vulnerability #RCE\n\ud83d\udd17 https://cyber.netsecops.io", "creation_timestamp": "2026-05-06T13:14:09.984538Z"}, {"uuid": "a5a0efcf-d068-4aa9-a6f0-b0b6b67f14a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3ml6rsyjmiu2e", "content": "\ud83d\udea8 CRITICAL APACHE FLAW: A double-free bug (CVE-2026-23918) in Apache HTTP Server's http2 module allows for DoS and potential RCE. A PoC exploit exists. Upgrade to version 2.4.67 immediately! #Apache #CyberSecurity #Vulnerability #RCE", "creation_timestamp": "2026-05-06T13:14:36.342561Z"}, {"uuid": "46df45e6-85d8-4e12-b41b-58a26ed1468e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/modat-io.bsky.social/post/3ml6t6tdfu22z", "content": "\u26a0\ufe0f CVE-2026-23918: Double free in Apache HTTP Server 2.4.66 HTTP/2 may allow unauth RCE via crafted requests, risking full server compromise. Update to 2.4.67 or disable HTTP/2/restrict access. Query: web.headers=\"Server: Apache/2.4.66\"\u00a0\n\nThe platform: magnify.modat.io", "creation_timestamp": "2026-05-06T13:39:13.238213Z"}, {"uuid": "bbe8bb5b-c6e5-4282-a8c5-9ac03b747b10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3ml6vqyt6472y", "content": "Critical #Apache HTTP/2 flaw (CVE-2026-23918) enables DoS and potential RCE. Update to version 2.4.67 immediately to secure your servers. #CyberSecurity #Vulnerability #HTTP2 Link: thedailytechfeed.com/critical-apa...", "creation_timestamp": "2026-05-06T14:25:05.328348Z"}, {"uuid": "fca19aa0-e42f-4549-b3e0-8bbd38d5f689", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://www.cert.se/2026/05/allvarlig-sarbarhet-i-apache.html", "content": "", "creation_timestamp": "2026-05-06T06:55:00.000000Z"}, {"uuid": "e24b599d-e23d-420a-a6ca-ee39833b346d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/ehcgroup.bsky.social/post/3ml77eelrlk2a", "content": "Vulnerabilidad cr\u00edtica en Apache expone a millones de servidores a ataques RCE.\n\nSe ha parchado una vulnerabilidad grave (CVE-2026-23918) que permite la Ejecuci\u00f3n Remota de C\u00f3digo (RCE) aprovechando un fallo en HTTP/2. #ciberseguridad #cybersecurity\nwww.linkedin.com/pulse/vulner...", "creation_timestamp": "2026-05-06T17:17:00.872389Z"}, {"uuid": "7f88cde8-9ab7-4fe5-a4d9-2c7c1ea08589", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://ccb.belgium.be/advisories/warning-multiple-vulnerabilities-apache-http-server-can-lead-remote-code-execution-patch", "content": "", "creation_timestamp": "2026-05-06T09:37:53.000000Z"}, {"uuid": "15b37892-eb96-45ed-90cf-cb7b00d3c629", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3ml7bvy6m6s2g", "content": "Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE\n\nThe Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP Server, including a severe vulnerability that could potentially lead to remote cod\u2026\n#hackernews #news", "creation_timestamp": "2026-05-06T18:02:35.537468Z"}, {"uuid": "6e2d5446-a025-4cc7-8373-8548384bfa1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://t.me/true_secator/8179", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0432\u0430\u0436\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043d\u0438\u043c\u0438 \u0443\u0433\u0440\u043e\u0437\u044b, \u043d\u0430 \u0442\u0435\u043a\u0443\u0449\u0438\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0430\u044f:\n\n1. \u0412 Android \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, CVE-2026-0073, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0439 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 \u041e\u0421 \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0431\u0435\u0437 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043d\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0435\u0437 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\u00a0\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 adbd (Android Debug Bridge daemon), \u0444\u043e\u043d\u043e\u0432\u044b\u0439 \u043f\u0440\u043e\u0446\u0435\u0441\u0441, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0439 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Android \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0439 \u0441\u0432\u044f\u0437\u044c\u044e \u043c\u0435\u0436\u0434\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c \u0438 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u043c, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044f \u043e\u0442\u043b\u0430\u0434\u043a\u0443 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0435.\n\n\u041f\u043e\u043a\u0430 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-0073 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0435\u0442, \u043d\u043e \u044d\u0442\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u043a\u0430.\n\n2. Apache \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c \u0434\u0435\u0441\u044f\u0442\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 HTTP Server \u0438 MINA, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f RCE.\n\n\u0412 Apache HTTP Server 2.4.67 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0434\u043b\u044f 11 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, 10 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0432\u0441\u0435 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c - CVE-2026-23918, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0443 \u0434\u0432\u043e\u0439\u043d\u043e\u0433\u043e \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0435 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 HTTP/2. \u0418\u043d\u0438\u0446\u0438\u0438\u0440\u0443\u044f \u043f\u0440\u0435\u0436\u0434\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0435 \u0441\u0431\u0440\u043e\u0441, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u0437\u0432\u0430\u0442\u044c DoS \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n\u0414\u0440\u0443\u0433\u0430\u044f, CVE-2026-28780, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043a\u0443\u0447\u0435, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 AJP-\u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f, \u0432\u044b\u0437\u044b\u0432\u0430\u044f DoS \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044f \u043a\u043e\u0434.\n\n\u0422\u0440\u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, CVE-2026-29168, CVE-2026-29169 \u0438 CVE-2026-33007, \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a DoS, \u0430 \u0435\u0449\u0435 \u0447\u0435\u0442\u044b\u0440\u0435 (CVE-2026-24072, CVE-2026-33857, CVE-2026-34032 \u0438 CVE-2026-34059) - \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043d\u0435\u0439\u0442\u0440\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0435\u0439 CRLF (CVE-2026-33523), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c HTTP-\u043e\u0442\u0432\u0435\u0442\u0430\u043c\u0438, \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u043e\u0431\u043e\u0447\u043d\u044b\u0445 \u043a\u0430\u043d\u0430\u043b\u043e\u0432 \u043f\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 (CVE-2026-33006), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043e\u0431\u0445\u043e\u0434\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Digest.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, Apache\u00a0\u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430\u00a0\u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 MINA 2.2.7 \u0438 MINA 2.1.12, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0434\u0432\u0443\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 - CVE-2026-42778 \u0438 CVE-2026-42779. \n\n\u041f\u0435\u0440\u0432\u0430\u044f - \u044d\u0442\u043e \u043d\u0435\u043f\u043e\u043b\u043d\u043e\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f CVE-2026-41409, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0435\u043f\u043e\u043b\u043d\u044b\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0434\u043b\u044f CVE-2024-52046, \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0434\u0430\u043d\u043d\u044b\u0445, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f RCE.\n\n\u0412\u0442\u043e\u0440\u0430\u044f - \u043d\u0435\u043f\u043e\u043b\u043d\u043e\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f CVE-2026-41635, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u0439 \u0441\u043e\u0431\u043e\u0439 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0443\u044e \u043a \u043e\u0431\u0445\u043e\u0434\u0443 \u0441\u043f\u0438\u0441\u043a\u0430 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u043d\u044b\u0445 \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u0432 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\n\n3. VulnCheck \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e CVE-2026-29014\u00a0(CVSS: 9,8) \u0432 CMS \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c MetInfo.\n\n\u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 MetInfo CMS 7.9, 8.0 \u0438 8.1 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0441\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c PHP-\u043a\u043e\u0434\u043e\u043c.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0443\u044e \u043d\u0435\u0439\u0442\u0440\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044e \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0434\u043b\u044f RCE \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u043d\u0430\u0434 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c.", "creation_timestamp": "2026-05-06T18:50:06.000000Z"}, {"uuid": "8ad31108-75ad-493d-b1cb-10ddc8fbb328", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/bettycjung.bsky.social/post/3ml7ijbnjfk2l", "content": "Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE  thehackernews.com/2026/05/crit...", "creation_timestamp": "2026-05-06T20:00:49.270428Z"}, {"uuid": "b33abab4-d3dd-4661-9091-cc723a683677", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3mlaly7awvcv7", "content": "Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE https://thehackernews.com/2026/05/critical-apache-http2-flaw-cve-2026.html", "creation_timestamp": "2026-05-07T06:35:27.568024Z"}, {"uuid": "8093f10e-7021-4f45-ae47-48a4b290e9ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3ml7zizeyls2g", "content": "Apache HTTP/2\u306e\u91cd\u5927\u306a\u8106\u5f31\u6027\uff08CVE-2026-23918\uff09\u306b\u3088\u308a\u3001DoS\u653b\u6483\u304a\u3088\u3073\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u306e\u53ef\u80fd\u6027\u304c\u751f\u3058\u308b \n\nApache HTTP/2\u306e\u91cd\u5927\u306a\u8106\u5f31\u6027\uff08CVE-2026-23918\uff09\u306b\u3088\u308a\u3001DoS\u653b\u6483\u304a\u3088\u3073\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u306e\u53ef\u80fd\u6027\u304c\u751f\u3058\u308b  #HackerNews (May 5)\n\nthehackernews.com/2026/05/crit...", "creation_timestamp": "2026-05-07T01:04:50.529798Z"}, {"uuid": "fe7e5b60-7be2-41dd-b719-8657daebd9e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mla6bbmmbf2m", "content": "Top 3 CVE for last 7 days:\nCVE-2026-31431: 516 interactions\nCVE-2026-41940: 123 interactions\nCVE-2025-31431: 29 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-0300: 19 interactions\nCVE-2026-31431: 8 interactions\nCVE-2026-23918: 5 interactions\n", "creation_timestamp": "2026-05-07T02:29:59.814947Z"}, {"uuid": "3ef101a1-21db-4960-b8c6-8cd2b25ca945", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-2391", "type": "seen", "source": "https://bsky.app/profile/yourdailytechnews.bsky.social/post/3mlaxh7twyk23", "content": "CyberWireDaily: Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE\nApache Software Foundation patched CVE-2026-23918, a critical HTTP/2 vulnerability scoring 8.8 on the CVSS scale. The\u2026\n\nhttps://cyberwiredaily.net/article/2026-05-06-critical-apache-http2-flaw-cve-2026-2391", "creation_timestamp": "2026-05-07T10:00:42.353903Z"}, {"uuid": "b5144e9f-9ba6-4ab6-8c71-186312c5ae23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/patrickcmiller.bsky.social/post/3mlczhlwmnl2a", "content": "Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE thehackernews.com/2026/05/crit...", "creation_timestamp": "2026-05-08T05:42:03.029802Z"}, {"uuid": "863415d8-67fe-404f-b847-6b371eb4fc16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/yourdailytechnews.bsky.social/post/3mlaxh7twyk23", "content": "CyberWireDaily: Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE\nApache Software Foundation patched CVE-2026-23918, a critical HTTP/2 vulnerability scoring 8.8 on the CVSS scale. The\u2026\n\nhttps://cyberwiredaily.net/article/2026-05-06-critical-apache-http2-flaw-cve-2026-2391", "creation_timestamp": "2026-05-07T10:00:42.109730Z"}, {"uuid": "4d1dbf9b-a2cd-4fb8-a29b-4dfb308a5123", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/crustytldr.bsky.social/post/3mlaxkc43xy2j", "content": "\ud83d\udd12 For a Fistful of Dollars: CVE-2026-23918 \u2013 Pre-auth RCE in Apache httpd\n\nCVE-2026-23918, a pre-authentication Remote Code Execution (RCE) vulnerability, has been found in Apache httpd's m...\n\nhttps://is.gd/484fq4 #CyberSecurity #InfoSec #CrustyTLDR", "creation_timestamp": "2026-05-07T10:02:24.982477Z"}, {"uuid": "2d6cf902-4cda-4ea6-84c6-0ba9f2aece2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mlazmdmdic2g", "content": "Apache fixes critical HTTP/2 double-free flaw CVE-2026-23918 enabling RCE\n\nApache fixed several flaws in HTTP Server, including CVE-2026-23918 (CVSS score of 8.8), a double-free bug in HTTP/2 that could allow remote code execution. The Apache Software Foundation has released updat\u2026\n#hackernews #news", "creation_timestamp": "2026-05-07T10:39:21.879818Z"}, {"uuid": "da55729c-4d31-4689-8c0c-975b8469ea4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/cwealthsentinel.bsky.social/post/3mlb6j5kye22j", "content": "Apache fixes critical HTTP/2 double-free flaw CVE-2026-23918 enabling RCE", "creation_timestamp": "2026-05-07T12:07:03.744782Z"}, {"uuid": "073b5996-402c-4a97-a7e0-cadba141460c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/Ubuntu.activitypub.awakari.com.ap.brid.gy/post/3mlbb6i2re5w2", "content": "Critical apache CVE-2026-23918 - AIO impacted? ernolf: By the way, Ubuntu users with bare-metal installations will not be offered the new version. Most of the time these are backported by the distr...\n\n\nOrigin | Interest | Match", "creation_timestamp": "2026-05-07T12:54:50.660933Z"}, {"uuid": "2281b45b-999a-460d-8369-2e17526d17de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-23918", "type": "seen", "source": "https://bsky.app/profile/kubonai.bsky.social/post/3mlelzt45bc2i", "content": "CVE-2026-23918: Apache HTTP Server HTTP/2 Double Free RCE\n\nCVE-2026-23918 is a high-severity double free vulnerability in Apache HTTP Server 2.4.66 HTTP/2 handling that can lead to RCE. Affects al...\n\n\ud83d\udd17 https://ipsec.live/blog/cve-2026-23918-apache-http2-double-free\n\n#infosec #cybersecurity", "creation_timestamp": "2026-05-08T20:47:00.240158Z"}, {"uuid": "13f519ad-66db-4a2d-b854-59180e0ec142", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/83310", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a Detections-CVE-2026-23918\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a insomnisec\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-08 04:27:26\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nDetection rules for CVE-2026-23918 Apache http2 RCE - Credit: stringa.ai, isec.pl\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-08T05:00:04.000000Z"}, {"uuid": "eccaf7d9-6384-47f1-9e3a-9cb01029c1a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "Telegram/yfj8_Wf1r81ZM9XH5mmBYiYd4G1zdIl6xbgawa_XXGScCdQ", "content": "", "creation_timestamp": "2026-05-05T21:00:04.000000Z"}, {"uuid": "e84a3ee7-0045-4ade-af0b-ddd5ba7710fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://www.cert.se/2026/05/cert-se-veckobrev-v19.html", "content": "", "creation_timestamp": "2026-05-08T06:10:00.000000Z"}, {"uuid": "b3c071a2-b835-4163-b89c-f4823295eba1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3mld7tjjm6n32", "content": "CVE-2026-23918: Apache HTTP/2 Double-Free Vulnerability with Possible RCE CVE-2026-23918 is a high-severity Apache HTTP/2 double-free flaw affecting version 2.4.66. Learn the root cause, who's ...\n\n#Security #Bulletin #Apache #HTTP #Server #CVE-2026-23918 #RCE\n\nOrigin | Interest | Match", "creation_timestamp": "2026-05-08T07:36:12.863071Z"}, {"uuid": "30f64da7-c6f4-436b-90ac-0e887263024a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "Telegram/9hUmSN7ug2EVEMoe54drMVTAFxceMDTI0JA9Kzj6srBhh7g", "content": "", "creation_timestamp": "2026-05-08T09:00:04.000000Z"}, {"uuid": "38f587ce-9eba-47da-9fe0-2c1da0cba9f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "Telegram/TOBO1j4X53-mWPhUjqfqsPILi5P8C_iHzeNGcih4hj7jhkY", "content": "", "creation_timestamp": "2026-05-05T15:00:07.000000Z"}, {"uuid": "4abf895b-a732-4e3a-923a-525947c85019", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "Telegram/dsiEA15uidVU6KDez4EkzkpuPE2tuEKKJLQ-eeC4Q0mRqFk", "content": "", "creation_timestamp": "2026-05-07T09:00:04.000000Z"}, {"uuid": "c88227a4-24dc-4275-b22f-91fd25e7234d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "Telegram/qLnk1n5B0PR5yjep7bbwsMJyTwvCWVIASLg9mGkcsDxA1Jk", "content": "", "creation_timestamp": "2026-05-06T21:00:04.000000Z"}, {"uuid": "a389f8ea-6238-4905-84f7-ed1e214bc605", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "Telegram/nRCd-6n0pDvmfvM7KgbobBK2YcSbDsH8Dcp0n-zDwiT4HOU", "content": "", "creation_timestamp": "2026-05-06T09:00:04.000000Z"}, {"uuid": "e8306237-6b8e-4703-ad6a-4c738978e9fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/intel.overresearched.net/post/3mleq2nofu22m", "content": "\ud83d\udd34 Apache HTTP/2 RCE (CVE-2026-23918) & mod_rewrite EoP (CVE-2026-24072)\n\ud83d\udfe0 PCPJack worm evicts TeamPCP, steals creds\n\ud83d\udfe0 Akira: 38 new victims (health/mfg/edu)\nFull brief: intel.overresearched.net/2026/05/08/c...\n#Daily #ThreatIntel #InfoSec", "creation_timestamp": "2026-05-08T21:59:05.701990Z"}, {"uuid": "b813da3c-f1a5-4316-8133-89ab5ee526e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/hackersidekick.com/post/3mlgfyeuths2y", "content": "We gave Hacker Sidekick a CVE number and it built a complete exploit development workflow on its own in 40 minutes. Research, source diffing, Docker lab, working PoC, validation, technical report. No follow-up prompts.\n\nCVE-2026-23918 Full video and blog:\n\nhackersidekick.com/cve-2026-239...", "creation_timestamp": "2026-05-09T14:04:13.894332Z"}, {"uuid": "9612b027-8bfb-447b-9bac-ee59c3c7002a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/hackersidekick.com/post/3mlgfyeuzdc2y", "content": "We gave Hacker Sidekick a CVE number and it built a complete exploit development workflow on its own in 40 minutes. Research, source diffing, Docker lab, working PoC, validation, technical report. No follow-up prompts.\n\nCVE-2026-23918 Full video and blog:\n\nhackersidekick.com/cve-2026-239...", "creation_timestamp": "2026-05-09T14:04:14.464409Z"}, {"uuid": "ea5ae023-b8f0-4b6b-952c-4e6e5f2bf2cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/hackersidekick.com/post/3mlgfyga3b22y", "content": "We gave Hacker Sidekick a CVE number and it built a complete exploit development workflow on its own in 40 minutes. Research, source diffing, Docker lab, working PoC, validation, technical report. No follow-up prompts.\n\nCVE-2026-23918 Full video and blog:\n\nhackersidekick.com/cve-2026-239...", "creation_timestamp": "2026-05-09T14:04:15.029894Z"}, {"uuid": "f607e7a7-df13-4d01-a5fa-c83f71a28d54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/hackersidekick.com/post/3mlgfyhu4cc2y", "content": "We gave Hacker Sidekick a CVE number and it built a complete exploit development workflow on its own in 40 minutes. Research, source diffing, Docker lab, working PoC, validation, technical report. No follow-up prompts.\n\nCVE-2026-23918 Full video and blog:\n\nhackersidekick.com/cve-2026-239...", "creation_timestamp": "2026-05-09T14:04:15.589442Z"}, {"uuid": "855f8b03-7a49-4342-9e9b-c0f9180da7b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/hackersidekick.com/post/3mlggimoujs2s", "content": "We gave Hacker Sidekick a CVE number and it built a complete exploit development workflow on its own. Research, source diffing, Docker lab, working PoC, validation, technical report. No follow-up prompts.\n\nCVE-2026-23918 Full video and blog:\n\nhackersidekick.com/exploiting-f...", "creation_timestamp": "2026-05-09T14:13:21.973991Z"}, {"uuid": "8f9241d0-0d36-43df-8516-a323165626b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/hackersidekick.com/post/3mlggipzqhc2s", "content": "We gave Hacker Sidekick a CVE number and it built a complete exploit development workflow on its own. Research, source diffing, Docker lab, working PoC, validation, technical report. No follow-up prompts.\n\nCVE-2026-23918 Full video and blog:\n\nhackersidekick.com/exploiting-f...", "creation_timestamp": "2026-05-09T14:13:22.537154Z"}, {"uuid": "9b321909-4577-4315-a023-f76b8ecfde15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/hackersidekick.com/post/3mlggir24lk2s", "content": "We gave Hacker Sidekick a CVE number and it built a complete exploit development workflow on its own. Research, source diffing, Docker lab, working PoC, validation, technical report. No follow-up prompts.\n\nCVE-2026-23918 Full video and blog:\n\nhackersidekick.com/exploiting-f...", "creation_timestamp": "2026-05-09T14:13:23.102622Z"}, {"uuid": "8add2383-923c-40ce-ade2-ede8b333fba2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/hackersidekick.com/post/3mlggise2f22s", "content": "We gave Hacker Sidekick a CVE number and it built a complete exploit development workflow on its own. Research, source diffing, Docker lab, working PoC, validation, technical report. No follow-up prompts.\n\nCVE-2026-23918 Full video and blog:\n\nhackersidekick.com/exploiting-f...", "creation_timestamp": "2026-05-09T14:13:23.654375Z"}, {"uuid": "0c287c21-2f94-4991-93ef-7c0aa8fbde47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/crustytldr.bsky.social/post/3mlgtaqta6k2g", "content": "\ud83d\udd12 Our side project: cyber-research-AI IDE, writing an exploit for CVE-2026-23918 [video]\n\nA new side project successfully developed a working exploit for CVE-2026-23918 using a cyber-resear...\n\nhttps://is.gd/FoSYT3 #CyberSecurity #InfoSec #CrustyTLDR", "creation_timestamp": "2026-05-09T18:01:28.570985Z"}, {"uuid": "eb232ca2-6b6c-4114-ad4b-0c180a54ffd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://t.me/codeby_sec/10102", "content": "\ud83d\udee1Apache2 \u0442\u043e\u043b\u044c\u043a\u043e \u0447\u0442\u043e \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043d\u043e\u0432\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043e\u043f\u0430\u0441\u043d\u0443\u044e \u0434\u044b\u0440\u0443 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 HTTP/2.\n\n\u27a1\ufe0f\u0418\u0437 \u043e\u0447\u0435\u043d\u044c \u0432\u0430\u0436\u043d\u043e\u0433\u043e, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-23918, \u0434\u0430\u044e\u0449\u0430\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 (RCE) \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \"double-free\" \u0431\u0430\u0433\u0430.\n\u27a1\ufe0f\u0422\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-24072, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u043b\u0430 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0435\u043b\u0435\u0433\u0438\u0439 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u043b\u0430 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043c\u043e\u0434\u0443\u043b\u0438 Apache HTTP \u0432\u0435\u0440\u0441\u0438\u0439 2.4.66 \u0438 \u043d\u0438\u0436\u0435, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0430\u0432\u0442\u043e\u0440\u0430\u043c \u0444\u0430\u0439\u043b\u043e\u0432 .htaccess \u0447\u0438\u0442\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u043f\u043e\u043b\u044c\u0437\u0432\u043e\u0430\u0442\u0435\u043b\u044f httpd.\n\u25b6\ufe0f\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-28780, \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043a\u0443\u0447\u0435 \u0432 \u043c\u043e\u0434\u0443\u043b\u0435 mod_proxy_ajp \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 Apache HTTP Server. \u0415\u0441\u043b\u0438 \u043c\u043e\u0434\u0443\u043b\u044c mod_proxy_ajp \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0435 \u0441\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c AJP-\u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c, \u044d\u0442\u043e\u0442 \u0441\u0435\u0440\u0432\u0435\u0440 \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0432 \u043e\u0442\u0432\u0435\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 AJP-\u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u0437\u0430\u043f\u0438\u0441\u0438 4 \u0431\u0430\u0439\u0442\u043e\u0432, \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c, \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432 \u043a\u0443\u0447\u0435 \u0431\u0443\u0444\u0435\u0440\u0430.\n\u25b6\ufe0f\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-29168, \u00ab\u0412\u044b\u0434\u0435\u043b\u0435\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 \u0431\u0435\u0437 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0439 \u0438\u043b\u0438 \u0440\u0435\u0433\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f\u00bb \u0432 \u043c\u043e\u0434\u0443\u043b\u0435 mod_md \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 Apache HTTP Server, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430\u044f \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u0434\u0430\u043d\u043d\u044b\u0445 OCSP-\u043e\u0442\u0432\u0435\u0442\u043e\u0432.\n\u25b6\ufe0f\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-33006, \u0410\u0442\u0430\u043a\u0430 \u043f\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043d\u0430 \u043c\u043e\u0434\u0443\u043b\u044c mod_auth_digest \u0432 Apache HTTP Server 2.4.66 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0431\u043e\u0439\u0442\u0438 Digest-\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e.\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u0437\u0434\u0435\u0441\u044c, \u043d\u043e \u043f\u0435\u0440\u0435\u0434 \u044d\u0442\u0438\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c \u0441\u0434\u0435\u043b\u0430\u0442\u044c:\nsudo apt update && sudo apt upgrade apache2", "creation_timestamp": "2026-05-10T10:03:56.000000Z"}, {"uuid": "e00885e8-be30-4ce3-8006-60ac03215886", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "published-proof-of-concept", "source": "Telegram/8zfghiqhdMgUnQpN-sW_sONu8d5R6D_u0VHsC67HR3Je1Bs", "content": "", "creation_timestamp": "2026-05-16T15:00:07.000000Z"}, {"uuid": "5583c0a2-4000-4a01-b7c6-08d301c2d51b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "Telegram/e8LfDRtTf8nzcOa5URmJo_p6nGHeOtUQSV0vmQsSJYMEaqg", "content": "", "creation_timestamp": "2026-05-11T21:00:05.000000Z"}, {"uuid": "3e1f7039-fa42-4130-b2d8-7f9787097bc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-23918", "type": "seen", "source": "https://social.tchncs.de/users/gborn/statuses/116560008049573466", "content": "Schwachstellen bei Apache und n8n\nhttps://borncity.com/blog/2026/05/11/schwachstellen-in-apache-cve-2026-23918-und-n8n-cve-2026-42231/", "creation_timestamp": "2026-05-12T05:42:57.053538Z"}, {"uuid": "478a69db-4b78-44c4-884c-0664999ccf64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/keiwork35.bsky.social/post/3mlxp2nzc6r25", "content": "\u3010\u8106\u5f31\u6027\u60c5\u5831\u3011 CVE-2026-23918 Apache HTTP Server\u00a02.4.66\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\n\nApache HTTP Server\u306eHTTP/2\u30d7\u30ed\u30c8\u30b3\u30eb\u306b\u304a\u3051\u308b\u30c0\u30d6\u30eb\u30d5\u30ea\u30fc\u304a\u3088\u3073\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u306e\u53ef\u80fd\u6027\u304c\u3042\u308b\u8106\u5f31\u6027\u3067\u3059\u3002", "creation_timestamp": "2026-05-16T11:02:07.854901Z"}, {"uuid": "560e0411-b492-4270-994c-aa0a58132211", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mma6hy6oj22w", "content": "\u300cApache HTTP Server\u300d\u306b\u8907\u6570\u8106\u5f31\u6027 - \u66f4\u65b0\u3092\u547c\u3073\u304b\u3051\n\n\u300cApache HTTP Server\u300d\u306b\u8907\u6570\u306e\u8106\u5f31\u6027\u304c\u660e\u3089\u304b\u3068\u306a\u3063\u305f\u3002\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u304c\u547c\u3073\u304b\u3051\u3089\u308c\u3066\u3044\u308b\u3002\n\n\u958b\u767a\u30c1\u30fc\u30e0\u306f\u73fe\u5730\u6642\u95935\u67084\u65e5\u3001CVE\u30d9\u30fc\u30b9\u306711\u4ef6\u306e\u8106\u5f31\u6027\u3092\u660e\u3089\u304b\u306b\u3057\u3001\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3068\u306a\u308b\u300c\u540c2.4.67\u300d\u3092\u30ea\u30ea\u30fc\u30b9\u3057\u305f\u3002\n\n\u958b\u767a\u30c1\u30fc\u30e0\u306b\u3088\u308b\u91cd\u8981\u5ea6\u306b\u304a\u3044\u3066\u30014\u6bb5\u968e\u4e2d\u3082\u3063\u3068\u3082\u9ad8\u3044\u300c\u30af\u30ea\u30c6\u30a3\u30ab\u30eb\uff08Critical\uff09\u300d\u3068\u3055\u308c\u308b\u8106\u5f31\u6027\u306f\u306a\u304f\u3001\u8106\u5f31\u6027\u300cCVE-2026-23918\u300d\u306e1\u4ef6\u306b\u95a2\u3057\u3066\u306f2\u756a\u76ee\u306b\u9ad8\u3044\u300c\u91cd\u8981\uff08Important\uff09\u300d\u3068\u30ec\u30fc\u30c6\u30a3\u30f3\u30b0\u3055\u308c\u3066\u3044\u308b\u3002\n\n\u300cCVE-2026-23918\u300d\u306f\u3001\u300cHTT...", "creation_timestamp": "2026-05-19T19:58:59.477392Z"}, {"uuid": "066e27dd-e28e-42e4-8aa7-437352dc9f01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "Telegram/AMxmfUF4ewnzD7lMn6F-NG7YppsQsWodDT8ioiY0udlXjVPS", "content": "", "creation_timestamp": "2026-05-21T18:44:33.000000Z"}, {"uuid": "768cbb02-6a0f-4bd8-8231-12bc83d4272e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://t.me/GithubRedTeam/84571", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-23918-Passive-Audit\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a aa022\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-17 15:21:09\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nPassive HTTP metadata auditor for CVE-2026-23918 exposure triage\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-17T16:00:04.000000Z"}]}