{"uuid": "c834df2d-2b7c-4f10-b537-8ae72e5e7030", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23918", "type": "seen", "source": "https://thehackernews.com/2026/05/critical-apache-http2-flaw-cve-2026.html", "content": "The Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP Server, including a severe vulnerability that could potentially lead to remote code execution (RCE).\nThe vulnerability, tracked as CVE-2026-23918 (CVSS score: 8.8), has been described as a case of \"double free and possible RCE\" in the HTTP/2 protocol handling. This issue", "creation_timestamp": "2026-05-05T14:19:00.000000Z"}