{"vulnerability": "CVE-2026-54428", "sightings": [{"uuid": "68d2fea1-d419-4063-8082-cbfb2d7ea8a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54428", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mplymmliqs2x", "content": "CVE-2026-54428: Apache HttpComponents Core: HPackDecoder Unlimited Header List Size Before SETTINGS ACK", "creation_timestamp": "2026-07-01T17:01:40.556510Z"}, {"uuid": "eb21ae52-59ef-4f6d-9392-8d39ade2c660", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54428", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpnj74yvvv2k", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-54428: \u041e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u0431\u0435\u0437\u0433\u0440\u0430\u043d\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 \u0432 HTTP/2 HPACK \u0434\u0435\u043a\u043e\u0434\u0435\u0440\u0435\n\n\n\nhttps://kripta.biz/posts/34FCBD41-6A6B-4E7F-A45D-1789658F6B2E", "creation_timestamp": "2026-07-02T07:31:01.325997Z"}, {"uuid": "db0846f4-4453-45fa-9e5e-d432ad99aea7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54428", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mpogcpwcqq2e", "content": "Apache HttpComponents Core vulnerabilities CVE-2026-54399 and CVE-2026-54428 allow remote denial of service through memory exhaustion. Upgrade now.\n\n#Apache #HttpComponents #DoS #CVE202654399 #CyberSecurity", "creation_timestamp": "2026-07-02T16:12:01.334920Z"}]}