{"vulnerability": "cve-2026-49975", "sightings": [{"uuid": "ccdef18e-9a6e-4c41-8e3f-a30ec2b0189b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://t.me/GithubRedTeam/87196", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a Proof-of-Concept-POC---CVE-2026-49975-HTTP-2-Bomb-\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a fevar54\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-03 20:34:56\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nEste repositorio contiene un Proof of Concept (POC) para CVE-2026-49975, tambi\u00e9n conocida como HTTP/2 Bomb, una vulnerabilidad de denegaci\u00f3n de servicio (DoS) remoto que afecta a la mayor\u00eda de los servidores web principales en su configuraci\u00f3n HTTP/2 predeterminada, incluyendo:\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-06-03T21:00:04.000000Z"}, {"uuid": "72b1745c-9606-4c13-b4b6-52b3bbc8f4ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/hmier.bsky.social/post/3mnf3sod7zs24", "content": "HTTP/2 BOMB CVE-2026-49975\n\nan assymmetric Denial of Service originated from the RFC\n\nan attacker can send a compresed request that when uncompressed on the server side consumes 32GB memory.\napache, nginx patch now.\nIIS, others still no patch.\nblog.calif.io/p/codex-disc...", "creation_timestamp": "2026-06-03T12:19:44.116342Z"}, {"uuid": "c0048cd3-c2cb-4c1c-87df-ada916c73ae9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/buyoh.bsky.social/post/3mngas7khi22e", "content": "[CVE-2026-49975] \u30ea\u30e2\u30fc\u30c8\u30b5\u30fc\u30d3\u30b9\u62d2\u5426\uff08DoS\uff09\u306e\u8106\u5f31\u6027 HTTP/2 Bomb \u306b\u3064\u3044\u3066\npub.hpc-technologies.co.jp/security/htt...", "creation_timestamp": "2026-06-03T23:21:37.207003Z"}, {"uuid": "3901e398-d73a-4ab6-b9ef-8a5496e7ebd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116692107565448324", "content": "Some increased actor activities are shown targeting Apache HTTP Server (CVE-2026-49975) https://vuldb.com/vuln/368279/cti", "creation_timestamp": "2026-06-04T13:37:38.776870Z"}, {"uuid": "d3e4bcf0-c9b7-47fc-b9b8-3911d946430a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/slackers.it/post/3mngqgfdjtb23", "content": "6/19\n\nhttps://seclists.org/oss-sec/2026/q2/790\n    https://www.cve.org/CVERecord?id=CVE-2026-49975\n  (* Security fix *)\nn/mosh-1.4.0-x86_64-21.txz:  Rebuilt.\n  Recompiled against abseil-cpp-20260526.0.\nn/net-tools-20181103_0eebece-x86_64-4.txz:  Rebuilt.", "creation_timestamp": "2026-06-04T04:01:19.936525Z"}, {"uuid": "07d1e576-ac3f-4335-85ae-27437ea26db7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/skip2networks.bsky.social/post/3mngvr7h6ly25", "content": "HTTP/2 Bomb is a remote denial-of-service attack affecting major web servers including nginx, Apache, IIS, Envoy, and Pingora. At this time we do not believe our network is vulnerable. Read more: https://www.skip2.net/blog/security/CVE-2026-49975", "creation_timestamp": "2026-06-04T05:36:52.382839Z"}, {"uuid": "6c0ec0b7-0535-4acf-aa7b-191fd091991a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/securestep9.bsky.social/post/3mngz6bl5an2s", "content": "#DDoS: New 'HTTP/2 Bomb' DoS attack crashes major web servers in under a minute. Impacted servers include #NGINX, #Apache HTTP Server, Microsoft #IIS, Envoy, and Cloudflare Pingora. This vulnerability was discovered by Codex AI agent. CVE-2026-49975:\n\ud83d\udc47", "creation_timestamp": "2026-06-04T06:37:51.425349Z"}, {"uuid": "b9b9ee1d-faba-46c9-9ae7-3b980876a658", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://t.me/GithubRedTeam/87358", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a http2-bomb\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a obrige\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a HTML\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-05 01:55:40\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-49975 HTTP/2 Stream Amplification \u2014 Docker PoC with Web Console\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-06-05T02:00:03.000000Z"}, {"uuid": "71b9f311-bfde-483a-949d-e9bdbe507f29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://t.me/GithubRedTeam/87238", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-49975-POC\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a mrx-arafat\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-04 06:23:07\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nHTTP/2 Bomb PoC \u2014 CVE-2026-49975 (HPACK indexed reference bomb + flow-control stall)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-06-04T07:00:04.000000Z"}, {"uuid": "4f041818-94d1-4ee6-9f20-dc26a42373ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1898", "content": "", "creation_timestamp": "2026-06-03T21:00:00.000000Z"}, {"uuid": "fb060370-0030-4d18-9ed4-555e58fb6c5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://gist.github.com/rlnorthcutt/c3f1d2ac700644acaed93bc181d7703d", "content": "", "creation_timestamp": "2026-06-04T13:54:29.000000Z"}, {"uuid": "c58ca69b-9196-4ebd-9296-62de1c3e295d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/crustytldr.bsky.social/post/3mnkq3rnnml24", "content": "\ud83d\udd12 Protecting against HTTP/2 Bomb vulnerability (CVE-2026-49975) with HAProxy\n\nHAProxy has released guidance on how to protect against the HTTP/2 Bomb vulnerability, identified as CV...\n\nhttps://tinyurl.com/26tcpnxk #CyberSecurity #InfoSec #CrustyTLDR", "creation_timestamp": "2026-06-05T18:06:06.240545Z"}, {"uuid": "cda42180-b62d-4d5d-b3a0-89feff7a6260", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "Telegram/2GKVzEdq0Q1GgXdde3R68qhjmtmEcsIfO4W2udc5u2OvA5M", "content": "", "creation_timestamp": "2026-06-05T09:00:04.000000Z"}, {"uuid": "8cd6e034-ed3e-4e40-a605-7980599a67f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "Telegram/kLKPPvOvIF-5j3nlBqFuX9r9eU25HTXmNetuXHYMklt92wg", "content": "", "creation_timestamp": "2026-06-04T09:00:04.000000Z"}, {"uuid": "6a319ac2-fc79-48c5-9232-12bf1b43809f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/opsmatters.com/post/3mnlo3zm6xq2n", "content": "The latest update for #HAProxy includes \"Protecting against HTTP/2 Bomb vulnerability (CVE-2026-49975) with HAProxy\" and \"Announcing HAProxy 3.4\".\n \n#DevOps #Kubernetes #Security https://opsmtrs.com/3aGSzYy", "creation_timestamp": "2026-06-06T03:03:03.280868Z"}, {"uuid": "106ce591-aa3d-41d2-996b-297e3419164d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://t.me/bdufstecru/3220", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0434\u0443\u043b\u044f \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u043e\u0432 HTTP/2 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 Apache HTTP Server \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u0435\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438\n\nBDU:2026-07789\nCVE-2026-49975\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Apache HTTP Server:\nhttps://github.com/apache/httpd/commit/47d3100b252dc6668a9e46ae885242be9eeca9cd\n\n\u0414\u043b\u044f nginx:\nhttps://github.com/nginx/nginx/commit/365694160a85229a7cb006738de9260d49ff5fa2\nhttps://github.com/nginx/nginx/pull/1116\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 HTTP/2 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u0442\u0440\u043e\u043a\u0438 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u043c \u0444\u0430\u0439\u043b\u0435 (httpd.conf) \u0438\u043b\u0438 \u0432\u043e \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u043c \u0432 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0442 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u043c \u0444\u0430\u0439\u043b\u0435;\n- \u0432\u0432\u0435\u0434\u0435\u043d\u0438\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0439 \u043d\u0430 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u043e\u0432 \u0438 \u0440\u0430\u0437\u043c\u0435\u0440 \u043f\u043e\u043b\u0435\u0439 \u0432 \u043e\u0434\u043d\u043e\u043c \u0437\u0430\u043f\u0440\u043e\u0441\u0435.", "creation_timestamp": "2026-06-05T13:08:41.000000Z"}, {"uuid": "9c3ed914-d65b-45ab-83b1-d6d53134d7cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "Telegram/OEsY4UTDQZoeO-JoR0_u6XYcRl3R5y_OdKFskD7-0o9iXe8", "content": "", "creation_timestamp": "2026-06-04T03:00:06.000000Z"}, {"uuid": "c7b06180-2e9c-4200-8c79-3ce830e94814", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "Telegram/CZ6mS_FbPsjRM1NAYtRNVHQnuSLpdCQIGgCQzQNM_WxAyUM", "content": "", "creation_timestamp": "2026-06-04T07:00:13.000000Z"}, {"uuid": "95c67e3e-ff5f-40d1-bca8-e7dbc8a6c6f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/dailyqiitatrends.bsky.social/post/3mnnrjle6ou26", "content": "\u4eca\u65e5\u306eQiita\u30c8\u30ec\u30f3\u30c9\n\nCVE-2026-49975\u300cHTTP/2 Bomb\u300d\u3092\u308f\u304b\u308a\u3084\u3059\u304f\u89e3\u8aac\u2014\u2014AI\u304c\u4eba\u9593\u3088\u308a\u5148\u306b\u6c17\u3065\u3044\u305f\u8106\u5f31\u6027\nCVE-2026-49975\uff08HTTP/2 Bomb\uff09\u306f\u3001\u4e3b\u8981Web\u30b5\u30fc\u30d0\u30fc\u306e\u30e1\u30e2\u30ea\u3092\u67af\u6e07\u3055\u305b\u30c0\u30a6\u30f3\u3055\u305b\u308b\u91cd\u5927\u306aDoS\u8106\u5f31\u6027\u3067\u3059\u3002\nAI\u304c\u65e2\u5b58\u6280\u8853\u3092\u7d44\u307f\u5408\u308f\u305b\u3066\u4eba\u9593\u3088\u308a\u5148\u306b\u767a\u898b\u3057\u305f\u4e8b\u4f8b\u3067\u3042\u308a\u3001AI\u306b\u3088\u308b\u8106\u5f31\u6027\u7279\u5b9a\u304c\u52a0\u901f\u3057\u3066\u3044\u308b\u73fe\u72b6\u3092\u6d6e\u304d\u5f6b\u308a\u306b\u3057\u307e\u3057\u305f\u3002\n\u65e9\u6025\u306a\u30d1\u30c3\u30c1\u9069\u7528\u3084HTTP/2\u306e\u7121\u52b9\u5316\u3001WAF\u3067\u306e\u9632\u5fa1\u3092\u63a8\u5968\u3059\u308b\u3068\u3068\u3082\u306b\u3001AI\u6642\u4ee3\u306e\u30b9\u30d4\u30fc\u30c9\u306b\u5408\u308f\u305b\u305f\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u4f53\u5236\u3078\u306e\u79fb\u884c\u3092\u4fc3\u3057\u3066\u3044\u307e\u3059\u3002\n", "creation_timestamp": "2026-06-06T23:09:40.328021Z"}, {"uuid": "24ae317e-96ff-4746-8c01-5bb6a1eedc18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/sinologic.net/post/3mnmfx2nmpp26", "content": "HTTP/2 Bomb (CVE-2026-49975): el ataque que tumba un servidor web en segundos desde un PC de casa\n\nNuestro amigo Carlos Ros nos ha despertado esta mana\u00f1a avisado esta ma\u00f1ana por el canal de Telegram de Sinologic \u2026\n\n#apache #Carlos_Ros #CVE #DoS #HTTP2 #NGINX #Seguridad #telegram #vulnerabilidad", "creation_timestamp": "2026-06-06T10:09:47.303757Z"}, {"uuid": "eb477e95-c331-452d-85fb-30a2fb3386e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/hatena-bookmark.bsky.social/post/3mnmiibejnk2y", "content": "#\ud83d\udd16\u30c6\u30af\u30ce\u30ed\u30b8\u30fc\nCVE-2026-49975\u300cHTTP/2 Bomb\u300d\u3092\u308f\u304b\u308a\u3084\u3059\u304f\u89e3\u8aac\u2014\u2014AI\u304c\u4eba\u9593\u3088\u308a\u5148\u306b\u6c17\u3065\u3044\u305f\u8106\u5f31\u6027 - Qiita\n\nTL;DR CVE-2026-49975\uff08\u901a\u79f0 HTTP/2 Bomb\uff09\u306f\u3001HTTP/2 \u306e\u4ed5\u69d8\u4e0a\u306e\u7d44\u307f\u5408\u308f\u305b\u3092\u60aa\u7528\u3057\u305f\u30ea\u30e2\u30fc\u30c8 DoS \u8106\u5f31\u6027 OpenAI Codex \u304c nginx\u30fbApache\u30fbIIS\u30fbEnvoy\u30fbCloudflare Pingora \u306e 5 \u3064\u306e\u4e3b\u8981 Web\u30b5\u30fc\u30d0\u30fc\u306b\u5171\u901a\u3059\u308b\u554f\u984c\u3092\u4eba\u9593\u3088\u308a\u5148\u306b\u767a\u898b\u3057\u305f \u5bb6\u5ead\u7528\u306e 100 Mbps \u56de\u7dda 1 \u672c\u3067 32GB \u306e RAM \u3092 20 \u79d2\u4ee5\u5185\u306b\u67af\u6e07\u3055\u305b\u3089\u308c\u308b ...", "creation_timestamp": "2026-06-06T10:55:11.714984Z"}, {"uuid": "ff7853d6-f82c-41b4-9d99-82da9296d810", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/sinologic.net/post/3mnovedlyvz2a", "content": "HTTP/2 Bomb (CVE-2026-49975): The Attack That Takes Down a Web Server in Seconds From a Home PC\n\nOur friend Carlos Ros has woken us up warned us via the Sinologic Telegram channel about a vulnerability that has been flying under the radar. It’s called HTTP/2 Bomb, it has been assig\u2026\n\n#CVE", "creation_timestamp": "2026-06-07T09:50:59.623501Z"}, {"uuid": "65a9582a-0cc0-4046-a617-f63907bbeb21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mnpsxcv4bc2z", "content": "\u26a0\ufe0f Aten\u00e7\u00e3o, pessoal que gerencia servidores Apache em #Debian: a vulnerabilidade HTTP/2 Bomb (CVE-2026-49975) n\u00e3o \u00e9 not\u00edcia velha \u2013 ela ainda afeta qualquer vers\u00e3o 2.4.17 a 2.4.67 com HTTP/2 ligado. Saiba mais:->  tinyurl.com/byaamtm7", "creation_timestamp": "2026-06-07T18:40:36.770962Z"}, {"uuid": "539f5ed1-79f2-4428-85d2-196b09d298d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mnpsxfpdxk2z", "content": "\u26a0\ufe0f Aten\u00e7\u00e3o, pessoal que gerencia servidores Apache em #Debian: a vulnerabilidade HTTP/2 Bomb (CVE-2026-49975) n\u00e3o \u00e9 not\u00edcia velha \u2013 ela ainda afeta qualquer vers\u00e3o 2.4.17 a 2.4.67 com HTTP/2 ligado. Saiba mais:->  tinyurl.com/byaamtm7", "creation_timestamp": "2026-06-07T18:40:45.961461Z"}, {"uuid": "3d0d18eb-6f6e-412c-9d49-4c46580fe343", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3mnu2uq6ygc2l", "content": "SIOS\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30d6\u30ed\u30b0\u3092\u66f4\u65b0\u3057\u307e\u3057\u305f\u3002\n\nApache\u306e\u8106\u5f31\u6027(Moderate: CVE-2026-34355, CVE-2026-42535, CVE-2026-43951, CVE-2026-44119, CVE-2026-44186, CVE-2026-49975, Low:\u8907\u6570)\u30682.4.68\u30ea\u30ea\u30fc\u30b9\n\n#sios_tech #security #vulnerability #\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 #\u8106\u5f31\u6027 #apache \n\nsecurity.sios.jp/vulnerabilit...", "creation_timestamp": "2026-06-09T11:13:00.901618Z"}, {"uuid": "81d27fd5-9958-43cf-ba7c-2206d07683bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3mnss3hh26k2o", "content": "OpenAI Codex\u304c\u300cHTTP/2\u7206\u5f3e\u300d\u3092\u767a\u898b-1\u53f0\u306ePC\u304b\u3089DOS\u653b\u6483\u304c\u53ef\u80fd\u306b(CVE-2026-49975)\n\nrocket-boys.co.jp/security-mea...\n\n#\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5bfe\u7b56Lab #security #securitynews #cyberattack", "creation_timestamp": "2026-06-08T23:03:00.914233Z"}, {"uuid": "33adda9f-11c6-4898-a806-da04ab15a311", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://www.acn.gov.it/portale/w/http/2-bomb-disponibili-poc-per-lo-sfruttamento-di-vulnerabilita-nel-protocollo", "content": "Disponibili Proof of Concept (PoC) per lo sfruttamento della vulnerabilit\u00e0 CVE-2026-49975 - denominata \u201cHTTP/2 Bomb\u201d - che riguarda l\u2019implementazione del protocollo HTTP/2 e che potrebbe consentire attacchi di tipo \u201cDenial of Service\u201d.", "creation_timestamp": "2026-06-08T11:33:22.000000Z"}, {"uuid": "e39f83c6-158f-46bb-b9d7-023e7755df33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mns5csm57q2r", "content": "CVE-2026-49975 - Apache HTTP Server: mod_http2 denial of service\nCVE ID : CVE-2026-49975\n \n Published : June 8, 2026, 4:16 p.m. | 17\u00a0minutes ago\n \n Description : Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of servi...", "creation_timestamp": "2026-06-08T16:51:15.190337Z"}, {"uuid": "81a85c67-4222-465f-af43-7e5efe7584d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/rolle.mementomori.social/post/3mnukmaoxoqu2", "content": "Today, a regression caused dozens of web services to crash with a segfault because of Ubuntu.\n\n\"USN-8398-1 fixed a vulnerability in nginx. The update introduced a regression causing nginx to crash when being used with external modules.\nThis update reverts the fix for CVE-2026-49975 pending [\u2026]", "creation_timestamp": "2026-06-09T15:56:53.905878Z"}, {"uuid": "7457cc97-225a-421f-b200-f3f21267ed3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mnu7hq6yhy25", "content": "\ud83d\udd17 CVE : CVE-2026-29167, CVE-2026-29170, CVE-2026-34355, CVE-2026-34356, CVE-2026-42535, CVE-2026-42536, CVE-2026-43951, CVE-2026-44119, CVE-2026-44185, CVE-2026-44186, CVE-2026-44631, CVE-2026-48913, CVE-2026-49975", "creation_timestamp": "2026-06-09T12:35:10.298426Z"}, {"uuid": "4a6ccf70-36df-42b2-bc0a-ddc7994f208b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/bearstech.com/post/3mnuwpdazwa2v", "content": "HTTP/2 Bomb  : la CVE-2026-49975 affecte Apache HTTP Server v2.4.17 \u00e0 2.4.67 et est due \u00e0 un probl\u00e8me d'allocation excessive de m\u00e9moire lors du traitement de certaines requ\u00eates HTTP.\n\nMerci \u00e0 nos camarades d'Evolix qui nous en ont parl\u00e9 il y a quelques jours !\n\n\ud83d\udc49 nvd.nist.gov/vuln/de...\n\n", "creation_timestamp": "2026-06-09T19:30:58.846761Z"}, {"uuid": "0ecd1419-dcfa-4b06-a3bd-82751e6a89cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/opsmatters.com/post/3mo2dlmzybc2y", "content": "The latest update for #HAProxy includes \"How Clover moved beyond blue-green deployments with HAProxy Fusion Control Plane\" and \"Protecting against HTTP/2 Bomb vulnerability (CVE-2026-49975) with HAProxy\".\n \n#DevOps #Kubernetes #Security https://opsmtrs.com/3aGSzYy", "creation_timestamp": "2026-06-11T23:04:58.683518Z"}, {"uuid": "770a3617-e325-43d2-9a93-0ccbac639666", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mnvo6boqxs2a", "content": "Top 3 CVE for last 7 days:\nCVE-2015-5119: 20 interactions\nCVE-2020-0601: 20 interactions\nCVE-2026-11645: 18 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-11645: 18 interactions\nCVE-2026-45447: 16 interactions\nCVE-2026-49975: 14 interactions\n", "creation_timestamp": "2026-06-10T02:30:57.071822Z"}, {"uuid": "48be5ccd-6508-4b30-a775-36df105eb118", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/slackers.it/post/3mnxpljzvvr2u", "content": "2/2\n\nn/httpd-2.4.68-x86_64-1.txz:  Upgraded.\n  This is a bugfix release (CVE-2026-49975 was already patched here.)\n  For more information, see:\n    https://downloads.apache.org/httpd/CHANGES_2.4.68", "creation_timestamp": "2026-06-10T22:01:34.186528Z"}, {"uuid": "fbac7e31-6357-4b4e-8b5f-d151ddb98b01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/apache-http-server-multiple-vulnerabilities_20260610", "content": "", "creation_timestamp": "2026-06-09T18:00:00.000000Z"}]}