URL has been copied successfully!
New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare


Tags: , , , , , , ,

Cybersecurity researchers have discovered a remote denial-of-service exploit that affects major web servers, including NGINX, Apache HTTPD, Microsoft IIS, Envoy, and Cloudflare Pingora.The vulnerability has been codenamed HTTP/2 Bomb by Calif.”The vulnerable behavior exists in each server’s default HTTP/2 configuration,” the company said, adding it was discovered by OpenAI Codex by chaining

First seen on thehackernews.com

Jump to article: thehackernews.com/2026/06/new-http2-bomb-vulnerability-allows.html

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. Gen AI is transforming the cyber threat landscape by democratizing vulnerability hunting
  2. Getting the Most Value Out of the OSCP: The PEN-200 Course
  3. 9 top bug bounty programs launched in 2025
  4. 6 ways attackers abuse AI services to hack your business