HTTP/2 Bomb — Remote DoS Exploit Hits nginx, Apache, IIS, Envoy, and Cloudflare Pingora
Posted: Wed Jun 03, 2026 2:30 pm
A newly disclosed remote denial-of-service exploit dubbed “HTTP/2 Bomb” targets the default HTTP/2 configurations of the world’s most widely deployed web servers, nginx, Apache httpd, Microsoft IIS, Envoy, and Cloudflare Pingora, enabling a single attacker on a home internet connection to exhaust tens of gigabytes of server memory in seconds.
More Information:
https://cybersecuritynews.com/http-2-bo ... s-exploit/
https://thehackernews.com/2026/06/new-h ... llows.html
More Information:
https://cybersecuritynews.com/http-2-bo ... s-exploit/
https://thehackernews.com/2026/06/new-h ... llows.html