Memory Allocation Vulnerability in Apache HTTP Server by Apache
CVE-2026-49975
Key Information:
- Vendor
Apache
- Status
- Vendor
- CVE Published:
- 8 June 2026
Badges
What is CVE-2026-49975?
false
Affected Version(s)
Apache HTTP Server 2.4.17 <= 2.4.67
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
News Articles
The Hacker NewsCVE-2026-49975ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories
ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain threats this week.
2 weeks ago
IT, Telcos, Healthcare at Risk of HTTP/2 DDoS Attacks
The denial-of-service (DoS) exploit takes advantage of two features in HTTP/2 that were designed to save Internet bandwith.
2 weeks ago
It Security NewsCVE-2026-49975IT Security News Hourly Summary 2026-06-04 21h : 6 posts - IT Security News
6 posts were published in the last hour 18:34 : Gartner SRM 2026 Signals a Cybersecurity Shift From Prevention to Resilience 18:34 : Imperva Customers Protected Against CVE-2026-49975 (HTTP/2 Bomb) DoS 18:34 : Cybercriminals Shift From Fake Login Pages toβ¦Read more β
4 weeks ago
References
EPSS Score
9% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- π°
Used in Ransomware
- π
Vulnerability started trending
- π‘
Public PoC available
- πΎ
Exploit known to exist
Vulnerability published
- π°
First article discovered by It Security News
Vulnerability Reserved