https://vulnerability.circl.lu/sightings/feed 2026-06-09T11:46:34.731410+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/24ae317e-96ff-4746-8c01-5bb6a1eedc18/export 2026-06-09T11:46:34.738330+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "24ae317e-96ff-4746-8c01-5bb6a1eedc18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/sinologic.net/post/3mnmfx2nmpp26", "content": "HTTP/2 Bomb (CVE-2026-49975): el ataque que tumba un servidor web en segundos desde un PC de casa\n\nNuestro amigo Carlos Ros nos ha despertado esta mana\u00f1a avisado esta ma\u00f1ana por el canal de Telegram de Sinologic \u2026\n\n#apache #Carlos_Ros #CVE #DoS #HTTP2 #NGINX #Seguridad #telegram #vulnerabilidad", "creation_timestamp": "2026-06-06T10:09:47.303757Z"} 2026-06-06T10:09:47.303757+00:00 https://vulnerability.circl.lu/sighting/eb477e95-c331-452d-85fb-30a2fb3386e4/export 2026-06-09T11:46:34.738247+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "eb477e95-c331-452d-85fb-30a2fb3386e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/hatena-bookmark.bsky.social/post/3mnmiibejnk2y", "content": "#\ud83d\udd16\u30c6\u30af\u30ce\u30ed\u30b8\u30fc\nCVE-2026-49975\u300cHTTP/2 Bomb\u300d\u3092\u308f\u304b\u308a\u3084\u3059\u304f\u89e3\u8aac\u2014\u2014AI\u304c\u4eba\u9593\u3088\u308a\u5148\u306b\u6c17\u3065\u3044\u305f\u8106\u5f31\u6027 - Qiita\n\nTL;DR CVE-2026-49975\uff08\u901a\u79f0 HTTP/2 Bomb\uff09\u306f\u3001HTTP/2 \u306e\u4ed5\u69d8\u4e0a\u306e\u7d44\u307f\u5408\u308f\u305b\u3092\u60aa\u7528\u3057\u305f\u30ea\u30e2\u30fc\u30c8 DoS \u8106\u5f31\u6027 OpenAI Codex \u304c nginx\u30fbApache\u30fbIIS\u30fbEnvoy\u30fbCloudflare Pingora \u306e 5 \u3064\u306e\u4e3b\u8981 Web\u30b5\u30fc\u30d0\u30fc\u306b\u5171\u901a\u3059\u308b\u554f\u984c\u3092\u4eba\u9593\u3088\u308a\u5148\u306b\u767a\u898b\u3057\u305f \u5bb6\u5ead\u7528\u306e 100 Mbps \u56de\u7dda 1 \u672c\u3067 32GB \u306e RAM \u3092 20 \u79d2\u4ee5\u5185\u306b\u67af\u6e07\u3055\u305b\u3089\u308c\u308b ...", "creation_timestamp": "2026-06-06T10:55:11.714984Z"} 2026-06-06T10:55:11.714984+00:00 https://vulnerability.circl.lu/sighting/95c67e3e-ff5f-40d1-bca8-e7dbc8a6c6f9/export 2026-06-09T11:46:34.738155+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "95c67e3e-ff5f-40d1-bca8-e7dbc8a6c6f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/dailyqiitatrends.bsky.social/post/3mnnrjle6ou26", "content": "\u4eca\u65e5\u306eQiita\u30c8\u30ec\u30f3\u30c9\n\nCVE-2026-49975\u300cHTTP/2 Bomb\u300d\u3092\u308f\u304b\u308a\u3084\u3059\u304f\u89e3\u8aac\u2014\u2014AI\u304c\u4eba\u9593\u3088\u308a\u5148\u306b\u6c17\u3065\u3044\u305f\u8106\u5f31\u6027\nCVE-2026-49975\uff08HTTP/2 Bomb\uff09\u306f\u3001\u4e3b\u8981Web\u30b5\u30fc\u30d0\u30fc\u306e\u30e1\u30e2\u30ea\u3092\u67af\u6e07\u3055\u305b\u30c0\u30a6\u30f3\u3055\u305b\u308b\u91cd\u5927\u306aDoS\u8106\u5f31\u6027\u3067\u3059\u3002\nAI\u304c\u65e2\u5b58\u6280\u8853\u3092\u7d44\u307f\u5408\u308f\u305b\u3066\u4eba\u9593\u3088\u308a\u5148\u306b\u767a\u898b\u3057\u305f\u4e8b\u4f8b\u3067\u3042\u308a\u3001AI\u306b\u3088\u308b\u8106\u5f31\u6027\u7279\u5b9a\u304c\u52a0\u901f\u3057\u3066\u3044\u308b\u73fe\u72b6\u3092\u6d6e\u304d\u5f6b\u308a\u306b\u3057\u307e\u3057\u305f\u3002\n\u65e9\u6025\u306a\u30d1\u30c3\u30c1\u9069\u7528\u3084HTTP/2\u306e\u7121\u52b9\u5316\u3001WAF\u3067\u306e\u9632\u5fa1\u3092\u63a8\u5968\u3059\u308b\u3068\u3068\u3082\u306b\u3001AI\u6642\u4ee3\u306e\u30b9\u30d4\u30fc\u30c9\u306b\u5408\u308f\u305b\u305f\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u4f53\u5236\u3078\u306e\u79fb\u884c\u3092\u4fc3\u3057\u3066\u3044\u307e\u3059\u3002\n", "creation_timestamp": "2026-06-06T23:09:40.328021Z"} 2026-06-06T23:09:40.328021+00:00 https://vulnerability.circl.lu/sighting/ff7853d6-f82c-41b4-9d99-82da9296d810/export 2026-06-09T11:46:34.738077+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "ff7853d6-f82c-41b4-9d99-82da9296d810", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/sinologic.net/post/3mnovedlyvz2a", "content": "HTTP/2 Bomb (CVE-2026-49975): The Attack That Takes Down a Web Server in Seconds From a Home PC\n\nOur friend Carlos Ros has woken us up warned us via the Sinologic Telegram channel about a vulnerability that has been flying under the radar. It’s called HTTP/2 Bomb, it has been assig\u2026\n\n#CVE", "creation_timestamp": "2026-06-07T09:50:59.623501Z"} 2026-06-07T09:50:59.623501+00:00 https://vulnerability.circl.lu/sighting/65a9582a-0cc0-4046-a617-f63907bbeb21/export 2026-06-09T11:46:34.737996+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "65a9582a-0cc0-4046-a617-f63907bbeb21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mnpsxcv4bc2z", "content": "\u26a0\ufe0f Aten\u00e7\u00e3o, pessoal que gerencia servidores Apache em #Debian: a vulnerabilidade HTTP/2 Bomb (CVE-2026-49975) n\u00e3o \u00e9 not\u00edcia velha \u2013 ela ainda afeta qualquer vers\u00e3o 2.4.17 a 2.4.67 com HTTP/2 ligado. Saiba mais:-> tinyurl.com/byaamtm7", "creation_timestamp": "2026-06-07T18:40:36.770962Z"} 2026-06-07T18:40:36.770962+00:00 https://vulnerability.circl.lu/sighting/539f5ed1-79f2-4428-85d2-196b09d298d0/export 2026-06-09T11:46:34.737918+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "539f5ed1-79f2-4428-85d2-196b09d298d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mnpsxfpdxk2z", "content": "\u26a0\ufe0f Aten\u00e7\u00e3o, pessoal que gerencia servidores Apache em #Debian: a vulnerabilidade HTTP/2 Bomb (CVE-2026-49975) n\u00e3o \u00e9 not\u00edcia velha \u2013 ela ainda afeta qualquer vers\u00e3o 2.4.17 a 2.4.67 com HTTP/2 ligado. Saiba mais:-> tinyurl.com/byaamtm7", "creation_timestamp": "2026-06-07T18:40:45.961461Z"} 2026-06-07T18:40:45.961461+00:00 https://vulnerability.circl.lu/sighting/33adda9f-11c6-4898-a806-da04ab15a311/export 2026-06-09T11:46:34.737837+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "33adda9f-11c6-4898-a806-da04ab15a311", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://www.acn.gov.it/portale/w/http/2-bomb-disponibili-poc-per-lo-sfruttamento-di-vulnerabilita-nel-protocollo", "content": "Disponibili Proof of Concept (PoC) per lo sfruttamento della vulnerabilit\u00e0 CVE-2026-49975 - denominata \u201cHTTP/2 Bomb\u201d - che riguarda l\u2019implementazione del protocollo HTTP/2 e che potrebbe consentire attacchi di tipo \u201cDenial of Service\u201d.", "creation_timestamp": "2026-06-08T11:33:22.000000Z"} 2026-06-08T11:33:22+00:00 https://vulnerability.circl.lu/sighting/e39f83c6-158f-46bb-b9d7-023e7755df33/export 2026-06-09T11:46:34.737753+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "e39f83c6-158f-46bb-b9d7-023e7755df33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mns5csm57q2r", "content": "CVE-2026-49975 - Apache HTTP Server: mod_http2 denial of service\nCVE ID : CVE-2026-49975\n \n Published : June 8, 2026, 4:16 p.m. | 17\u00a0minutes ago\n \n Description : Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of servi...", "creation_timestamp": "2026-06-08T16:51:15.190337Z"} 2026-06-08T16:51:15.190337+00:00 https://vulnerability.circl.lu/sighting/81d27fd5-9958-43cf-ba7c-2206d07683bd/export 2026-06-09T11:46:34.737627+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "81d27fd5-9958-43cf-ba7c-2206d07683bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3mnss3hh26k2o", "content": "OpenAI Codex\u304c\u300cHTTP/2\u7206\u5f3e\u300d\u3092\u767a\u898b-1\u53f0\u306ePC\u304b\u3089DOS\u653b\u6483\u304c\u53ef\u80fd\u306b(CVE-2026-49975)\n\nrocket-boys.co.jp/security-mea...\n\n#\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5bfe\u7b56Lab #security #securitynews #cyberattack", "creation_timestamp": "2026-06-08T23:03:00.914233Z"} 2026-06-08T23:03:00.914233+00:00 https://vulnerability.circl.lu/sighting/3d0d18eb-6f6e-412c-9d49-4c46580fe343/export 2026-06-09T11:46:34.736408+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "3d0d18eb-6f6e-412c-9d49-4c46580fe343", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49975", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3mnu2uq6ygc2l", "content": "SIOS\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30d6\u30ed\u30b0\u3092\u66f4\u65b0\u3057\u307e\u3057\u305f\u3002\n\nApache\u306e\u8106\u5f31\u6027(Moderate: CVE-2026-34355, CVE-2026-42535, CVE-2026-43951, CVE-2026-44119, CVE-2026-44186, CVE-2026-49975, Low:\u8907\u6570)\u30682.4.68\u30ea\u30ea\u30fc\u30b9\n\n#sios_tech #security #vulnerability #\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 #\u8106\u5f31\u6027 #apache \n\nsecurity.sios.jp/vulnerabilit...", "creation_timestamp": "2026-06-09T11:13:00.901618Z"} 2026-06-09T11:13:00.901618+00:00