Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol.
his issue affects Apache HTTP Server: 2.4.66.
Users are recommended to upgrade to version 2.4.67, which fixes the issue.
https://nvd.nist.gov/vuln/detail/CVE-2026-23918
Apache CVE-2026-23918
-
Starburst-David
- Posts: 53
- Joined: Wed Feb 11, 2026 8:31 pm