CVE-2026-23918 (CVSS 8.8) - Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2
📡 NVD-Latest · 2026-05-04
CVE-2026-23918 (CVSS 8.8) - Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2
CVE-2026-23918
CVE-2026-23918 CVSS:8.8
Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol.
This issue affects Apache HTTP Server: 2.4.66.
Users are recommended to upgrade to version 2.4.67, which fixes the issue.
产品: apache http_server
📌 来源: NVD-Latest | 🆔 CVE-2026-23918 | 📅 2026-05-04