<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Fri, 10 Jul 2026 19:24:45 +0000</lastBuildDate>
    <item>
      <title>1f3c0673-c76c-46a3-bdc2-7e1d8737dee5</title>
      <link>https://vulnerability.circl.lu/sighting/1f3c0673-c76c-46a3-bdc2-7e1d8737dee5/export</link>
      <description>{"uuid": "1f3c0673-c76c-46a3-bdc2-7e1d8737dee5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ZerodayAlert/254", "content": "\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 Rapid Reset \u0434\u043b\u044f \u0432\u044b\u0432\u043e\u0434\u0430 \u0438\u0437 \u0441\u0442\u0440\u043e\u044f \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432\n\n\ud83d\ude35\u200d\ud83d\udcab \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-44487 (Rapid Reset) \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 HTTP/2 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0441\u043e\u0432\u0435\u0440\u0448\u0430\u0442\u044c \u043c\u043e\u0449\u043d\u044b\u0435 DDoS-\u0430\u0442\u0430\u043a\u0438 \u0442\u0438\u043f\u0430 \u00ab\u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438\u00bb. \u041a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442.\n\n\ud83d\udca5 \u0410\u0442\u0430\u043a\u0438 Rapid Reset \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442 \u0437\u0430 \u0441\u0447\u0435\u0442 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u044f \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0447\u0435\u0440\u0435\u0437 \u043e\u0434\u043d\u043e HTTP/2-\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0435 \u0438 \u043e\u0442\u043c\u0435\u043d\u044b \u0438\u0445 \u043f\u0435\u0440\u0435\u0434 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u0435\u043c. \u0421\u0435\u0440\u0432\u0435\u0440 \u0442\u0440\u0430\u0442\u0438\u0442 \u0440\u0435\u0441\u0443\u0440\u0441\u044b \u043d\u0430 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0443, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u0435\u0440\u0435\u0433\u0440\u0443\u0437\u043a\u0435.\n\n\u2601\ufe0f \u041a\u0440\u0443\u043f\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a Google, AWS \u0438 Cloudflare, \u0443\u0436\u0435 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u0438 \u043e\u0442 \u043c\u0430\u0441\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 DDoS \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c Rapid Reset, \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u0432\u0448\u0438\u0445 \u0441\u043e\u0442\u0435\u043d \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432 \u0441\u0435\u043a\u0443\u043d\u0434\u0443.\n\n#\u0443\u0433\u0440\u043e\u0437\u0430 #\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c #\u0434\u0430\u043d\u043d\u044b\u0435\u0432\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \n\n@ZerodayAlert", "creation_timestamp": "2026-07-07T00:00:10.864171Z"}</description>
      <content:encoded>{"uuid": "1f3c0673-c76c-46a3-bdc2-7e1d8737dee5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ZerodayAlert/254", "content": "\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 Rapid Reset \u0434\u043b\u044f \u0432\u044b\u0432\u043e\u0434\u0430 \u0438\u0437 \u0441\u0442\u0440\u043e\u044f \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432\n\n\ud83d\ude35\u200d\ud83d\udcab \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-44487 (Rapid Reset) \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 HTTP/2 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0441\u043e\u0432\u0435\u0440\u0448\u0430\u0442\u044c \u043c\u043e\u0449\u043d\u044b\u0435 DDoS-\u0430\u0442\u0430\u043a\u0438 \u0442\u0438\u043f\u0430 \u00ab\u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438\u00bb. \u041a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442.\n\n\ud83d\udca5 \u0410\u0442\u0430\u043a\u0438 Rapid Reset \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442 \u0437\u0430 \u0441\u0447\u0435\u0442 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u044f \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0447\u0435\u0440\u0435\u0437 \u043e\u0434\u043d\u043e HTTP/2-\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0435 \u0438 \u043e\u0442\u043c\u0435\u043d\u044b \u0438\u0445 \u043f\u0435\u0440\u0435\u0434 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u0435\u043c. \u0421\u0435\u0440\u0432\u0435\u0440 \u0442\u0440\u0430\u0442\u0438\u0442 \u0440\u0435\u0441\u0443\u0440\u0441\u044b \u043d\u0430 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0443, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u0435\u0440\u0435\u0433\u0440\u0443\u0437\u043a\u0435.\n\n\u2601\ufe0f \u041a\u0440\u0443\u043f\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a Google, AWS \u0438 Cloudflare, \u0443\u0436\u0435 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u0438 \u043e\u0442 \u043c\u0430\u0441\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 DDoS \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c Rapid Reset, \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u0432\u0448\u0438\u0445 \u0441\u043e\u0442\u0435\u043d \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432 \u0441\u0435\u043a\u0443\u043d\u0434\u0443.\n\n#\u0443\u0433\u0440\u043e\u0437\u0430 #\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c #\u0434\u0430\u043d\u043d\u044b\u0435\u0432\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \n\n@ZerodayAlert", "creation_timestamp": "2026-07-07T00:00:10.864171Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/1f3c0673-c76c-46a3-bdc2-7e1d8737dee5/export</guid>
      <pubDate>Tue, 07 Jul 2026 00:00:10 +0000</pubDate>
    </item>
    <item>
      <title>067a52f9-0af6-4b7c-bd2a-381b669f860f</title>
      <link>https://vulnerability.circl.lu/sighting/067a52f9-0af6-4b7c-bd2a-381b669f860f/export</link>
      <description>{"uuid": "067a52f9-0af6-4b7c-bd2a-381b669f860f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ZerodayAlert/254", "content": "\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 Rapid Reset \u0434\u043b\u044f \u0432\u044b\u0432\u043e\u0434\u0430 \u0438\u0437 \u0441\u0442\u0440\u043e\u044f \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432\n\n\ud83d\ude35\u200d\ud83d\udcab \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-44487 (Rapid Reset) \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 HTTP/2 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0441\u043e\u0432\u0435\u0440\u0448\u0430\u0442\u044c \u043c\u043e\u0449\u043d\u044b\u0435 DDoS-\u0430\u0442\u0430\u043a\u0438 \u0442\u0438\u043f\u0430 \u00ab\u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438\u00bb. \u041a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442.\n\n\ud83d\udca5 \u0410\u0442\u0430\u043a\u0438 Rapid Reset \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442 \u0437\u0430 \u0441\u0447\u0435\u0442 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u044f \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0447\u0435\u0440\u0435\u0437 \u043e\u0434\u043d\u043e HTTP/2-\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0435 \u0438 \u043e\u0442\u043c\u0435\u043d\u044b \u0438\u0445 \u043f\u0435\u0440\u0435\u0434 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u0435\u043c. \u0421\u0435\u0440\u0432\u0435\u0440 \u0442\u0440\u0430\u0442\u0438\u0442 \u0440\u0435\u0441\u0443\u0440\u0441\u044b \u043d\u0430 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0443, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u0435\u0440\u0435\u0433\u0440\u0443\u0437\u043a\u0435.\n\n\u2601\ufe0f \u041a\u0440\u0443\u043f\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a Google, AWS \u0438 Cloudflare, \u0443\u0436\u0435 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u0438 \u043e\u0442 \u043c\u0430\u0441\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 DDoS \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c Rapid Reset, \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u0432\u0448\u0438\u0445 \u0441\u043e\u0442\u0435\u043d \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432 \u0441\u0435\u043a\u0443\u043d\u0434\u0443.\n\n#\u0443\u0433\u0440\u043e\u0437\u0430 #\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c #\u0434\u0430\u043d\u043d\u044b\u0435\u0432\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \n\n@ZerodayAlert", "creation_timestamp": "2026-07-06T11:00:05.929496Z"}</description>
      <content:encoded>{"uuid": "067a52f9-0af6-4b7c-bd2a-381b669f860f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ZerodayAlert/254", "content": "\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 Rapid Reset \u0434\u043b\u044f \u0432\u044b\u0432\u043e\u0434\u0430 \u0438\u0437 \u0441\u0442\u0440\u043e\u044f \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432\n\n\ud83d\ude35\u200d\ud83d\udcab \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-44487 (Rapid Reset) \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 HTTP/2 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0441\u043e\u0432\u0435\u0440\u0448\u0430\u0442\u044c \u043c\u043e\u0449\u043d\u044b\u0435 DDoS-\u0430\u0442\u0430\u043a\u0438 \u0442\u0438\u043f\u0430 \u00ab\u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438\u00bb. \u041a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442.\n\n\ud83d\udca5 \u0410\u0442\u0430\u043a\u0438 Rapid Reset \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442 \u0437\u0430 \u0441\u0447\u0435\u0442 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u044f \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0447\u0435\u0440\u0435\u0437 \u043e\u0434\u043d\u043e HTTP/2-\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0435 \u0438 \u043e\u0442\u043c\u0435\u043d\u044b \u0438\u0445 \u043f\u0435\u0440\u0435\u0434 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u0435\u043c. \u0421\u0435\u0440\u0432\u0435\u0440 \u0442\u0440\u0430\u0442\u0438\u0442 \u0440\u0435\u0441\u0443\u0440\u0441\u044b \u043d\u0430 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0443, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u0435\u0440\u0435\u0433\u0440\u0443\u0437\u043a\u0435.\n\n\u2601\ufe0f \u041a\u0440\u0443\u043f\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a Google, AWS \u0438 Cloudflare, \u0443\u0436\u0435 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u0438 \u043e\u0442 \u043c\u0430\u0441\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 DDoS \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c Rapid Reset, \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u0432\u0448\u0438\u0445 \u0441\u043e\u0442\u0435\u043d \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432 \u0441\u0435\u043a\u0443\u043d\u0434\u0443.\n\n#\u0443\u0433\u0440\u043e\u0437\u0430 #\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c #\u0434\u0430\u043d\u043d\u044b\u0435\u0432\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \n\n@ZerodayAlert", "creation_timestamp": "2026-07-06T11:00:05.929496Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/067a52f9-0af6-4b7c-bd2a-381b669f860f/export</guid>
      <pubDate>Mon, 06 Jul 2026 11:00:05 +0000</pubDate>
    </item>
    <item>
      <title>3002c849-296b-4e21-bbd1-83603580f155</title>
      <link>https://vulnerability.circl.lu/sighting/3002c849-296b-4e21-bbd1-83603580f155/export</link>
      <description>{"uuid": "3002c849-296b-4e21-bbd1-83603580f155", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/0cbf9a82-2675-4ede-b44b-4bd004a74aa9", "content": "", "creation_timestamp": "2026-06-23T14:05:46.590267Z"}</description>
      <content:encoded>{"uuid": "3002c849-296b-4e21-bbd1-83603580f155", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/0cbf9a82-2675-4ede-b44b-4bd004a74aa9", "content": "", "creation_timestamp": "2026-06-23T14:05:46.590267Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3002c849-296b-4e21-bbd1-83603580f155/export</guid>
      <pubDate>Tue, 23 Jun 2026 14:05:46 +0000</pubDate>
    </item>
    <item>
      <title>35709a42-e081-4c92-abf1-e253ec9d0d98</title>
      <link>https://vulnerability.circl.lu/sighting/35709a42-e081-4c92-abf1-e253ec9d0d98/export</link>
      <description>{"uuid": "35709a42-e081-4c92-abf1-e253ec9d0d98", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/26e0bfc9-446c-4f52-a404-d51d9317cf0e", "content": "", "creation_timestamp": "2026-06-19T12:46:47.337533Z"}</description>
      <content:encoded>{"uuid": "35709a42-e081-4c92-abf1-e253ec9d0d98", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/26e0bfc9-446c-4f52-a404-d51d9317cf0e", "content": "", "creation_timestamp": "2026-06-19T12:46:47.337533Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/35709a42-e081-4c92-abf1-e253ec9d0d98/export</guid>
      <pubDate>Fri, 19 Jun 2026 12:46:47 +0000</pubDate>
    </item>
    <item>
      <title>74181123-96eb-4cfb-b823-36bace3b3102</title>
      <link>https://vulnerability.circl.lu/sighting/74181123-96eb-4cfb-b823-36bace3b3102/export</link>
      <description>{"uuid": "74181123-96eb-4cfb-b823-36bace3b3102", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://gist.github.com/ishideo/2ef9371157b4cfc12ab0e8d4afc0847b", "content": "# Introduction\n\nThis Gist aims to centralise the most relevant public sources of information related to the [HTTP/2](https://datatracker.ietf.org/doc/html/rfc7540) Rapid Reset vulnerability. This vulnerability has been disclosed jointly by Google, Amazon AWS, and Cloudflare on 10 October 2023 at 12:00 UTC.\n\nPlease help us make this page as comprehensive as possible by contributing relevant references, vendor advisories and statements, mitigations, etc.\n\n# References\n\n- [CVE-2023-44487](https://cvepremium.circl.lu/cve/CVE-2023-44487), CIRCL CVE Search\n- [How AWS protects customers from DDoS events](https://aws.amazon.com/blogs/security/how-aws-protects-customers-from-ddos-events/), AWS\n- [How it works: The novel HTTP/2 \u2018Rapid Reset\u2019 DDoS attack](https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack), Google\n- [HTTP/2 Rapid Reset: deconstructing the record-breaking attack](https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/), Cloudflare\n- [Microsoft Response to Distributed Denial of Service (DDoS) Attacks against HTTP/2](https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/), Microsoft \n- Potential mention of a [similar issue in 2018 concerning HAproxy](https://www.mail-archive.com/haproxy@formilux.org/msg44134.html)\n- [RFC7540 - Hypertext Transfer Protocol Version 2 (HTTP/2)](https://datatracker.ietf.org/doc/html/rfc7540)\n- [Security Advisory 2023-074 HTTP/2 Rapid Reset DDoS Vulnerability](https://www.cert.europa.eu/static/SecurityAdvisories/2023/CERT-EU-SA2023-074.pdf), CERT-EU\n- [HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487](https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487), CISA\n- [Using HTTP/3 Stream Limits in HTTP/2](https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html) - IETF draft to backport the HTTP/3 steam limits in HTTP/2\n\n# Vendor advisories and statements\n\n- [Apache Tomcat](https://github.com/apache/tomcat/commit/9cdfe25bad707f34b3e5da2994f3f1952a163c3e) - Fixed in 8.5.94\n- [AWS](https://aws.amazon.com/security/security-bulletins/AWS-2023-011/)\n- [F5](https://www.f5.com/company/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products)\n- [Golang](https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo)\n- [HAPROXY](https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487) - HAProxy is not affected by the HTTP/2 Rapid Reset Attack\n- [Kong](https://konghq.com/blog/product-releases/novel-http2-rapid-reset-ddos-vulnerability-update)\n- [Microsoft IIS](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487)\n- [Microsoft MsQuic](https://github.com/microsoft/msquic/releases/tag/v2.2.3) - Fixed in 2.2.3\n- [Netscaler](https://www.netscaler.com/blog/news/how-to-mitigate-the-http-2-rapid-reset-vulnerability-on-netscaler/)\n- [Nginx](https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/)\n- [nghttp2 library](https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg) - Fixed in 1.57.0\n\n# Testing if HTTP/2 is enabled\n\n## OpenSSL\n\n~~~shell\necho 1 | openssl s_client -alpn h2 -connect google.com:443 -status 2&amp;gt;&amp;amp;1  | grep \"ALPN\"\n~~~\n\n## Nmap\n\n~~~shell\nnmap -p 443 --script=tls-nextprotoneg www.google.com\n~~~\n\n## curl\n\n~~~shell\ncurl -Is --http2-prior-knowledge https://example.com/| head -1\n~~~\n# Testing if it's vulnerable (use at your own risk)\n\n- [Basic vulnerability scanning tool to see if web servers may be vulnerable to CVE-2023-44487](https://github.com/bcdannyboy/CVE-2023-44487)\n- [Rapid Reset Client is a tool for testing mitigations and exposure to CVE-2023-44487 (Rapid Reset DDoS attack vector)](https://github.com/secengjeff/rapidresetclient)\n\n# Potential remediation\n\n### NGINX \n\n## can be configured to mitigate the vulnerability\n\n- Disabling HTTP/2 in NGINX is not necessary. Simply ensure you have configured:\n\n  -  `keepalive_requests` should be kept at the default setting of 1000 requests\n  -  `http2_max_concurrent_streams` should be kept at the default setting of 128 streams\n  -  `limit_conn` and `limit_req` should be set \"with a reasonable setting balancing application performance and security\"\n\n## If you want to remove `http2` support\n\n- Remove reference to `http2` in the listening part\n\n### DDoS protection / CDNs\n\nWeb apps that are behind the following DDoS protection providers / CDNs should not be impacted:\n\n- AWS\n- Cloudflare\n- Google Cloud\n- Microsoft Azure\n", "creation_timestamp": "2026-06-09T03:35:55.000000Z"}</description>
      <content:encoded>{"uuid": "74181123-96eb-4cfb-b823-36bace3b3102", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://gist.github.com/ishideo/2ef9371157b4cfc12ab0e8d4afc0847b", "content": "# Introduction\n\nThis Gist aims to centralise the most relevant public sources of information related to the [HTTP/2](https://datatracker.ietf.org/doc/html/rfc7540) Rapid Reset vulnerability. This vulnerability has been disclosed jointly by Google, Amazon AWS, and Cloudflare on 10 October 2023 at 12:00 UTC.\n\nPlease help us make this page as comprehensive as possible by contributing relevant references, vendor advisories and statements, mitigations, etc.\n\n# References\n\n- [CVE-2023-44487](https://cvepremium.circl.lu/cve/CVE-2023-44487), CIRCL CVE Search\n- [How AWS protects customers from DDoS events](https://aws.amazon.com/blogs/security/how-aws-protects-customers-from-ddos-events/), AWS\n- [How it works: The novel HTTP/2 \u2018Rapid Reset\u2019 DDoS attack](https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack), Google\n- [HTTP/2 Rapid Reset: deconstructing the record-breaking attack](https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/), Cloudflare\n- [Microsoft Response to Distributed Denial of Service (DDoS) Attacks against HTTP/2](https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/), Microsoft \n- Potential mention of a [similar issue in 2018 concerning HAproxy](https://www.mail-archive.com/haproxy@formilux.org/msg44134.html)\n- [RFC7540 - Hypertext Transfer Protocol Version 2 (HTTP/2)](https://datatracker.ietf.org/doc/html/rfc7540)\n- [Security Advisory 2023-074 HTTP/2 Rapid Reset DDoS Vulnerability](https://www.cert.europa.eu/static/SecurityAdvisories/2023/CERT-EU-SA2023-074.pdf), CERT-EU\n- [HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487](https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487), CISA\n- [Using HTTP/3 Stream Limits in HTTP/2](https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html) - IETF draft to backport the HTTP/3 steam limits in HTTP/2\n\n# Vendor advisories and statements\n\n- [Apache Tomcat](https://github.com/apache/tomcat/commit/9cdfe25bad707f34b3e5da2994f3f1952a163c3e) - Fixed in 8.5.94\n- [AWS](https://aws.amazon.com/security/security-bulletins/AWS-2023-011/)\n- [F5](https://www.f5.com/company/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products)\n- [Golang](https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo)\n- [HAPROXY](https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487) - HAProxy is not affected by the HTTP/2 Rapid Reset Attack\n- [Kong](https://konghq.com/blog/product-releases/novel-http2-rapid-reset-ddos-vulnerability-update)\n- [Microsoft IIS](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487)\n- [Microsoft MsQuic](https://github.com/microsoft/msquic/releases/tag/v2.2.3) - Fixed in 2.2.3\n- [Netscaler](https://www.netscaler.com/blog/news/how-to-mitigate-the-http-2-rapid-reset-vulnerability-on-netscaler/)\n- [Nginx](https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/)\n- [nghttp2 library](https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg) - Fixed in 1.57.0\n\n# Testing if HTTP/2 is enabled\n\n## OpenSSL\n\n~~~shell\necho 1 | openssl s_client -alpn h2 -connect google.com:443 -status 2&amp;gt;&amp;amp;1  | grep \"ALPN\"\n~~~\n\n## Nmap\n\n~~~shell\nnmap -p 443 --script=tls-nextprotoneg www.google.com\n~~~\n\n## curl\n\n~~~shell\ncurl -Is --http2-prior-knowledge https://example.com/| head -1\n~~~\n# Testing if it's vulnerable (use at your own risk)\n\n- [Basic vulnerability scanning tool to see if web servers may be vulnerable to CVE-2023-44487](https://github.com/bcdannyboy/CVE-2023-44487)\n- [Rapid Reset Client is a tool for testing mitigations and exposure to CVE-2023-44487 (Rapid Reset DDoS attack vector)](https://github.com/secengjeff/rapidresetclient)\n\n# Potential remediation\n\n### NGINX \n\n## can be configured to mitigate the vulnerability\n\n- Disabling HTTP/2 in NGINX is not necessary. Simply ensure you have configured:\n\n  -  `keepalive_requests` should be kept at the default setting of 1000 requests\n  -  `http2_max_concurrent_streams` should be kept at the default setting of 128 streams\n  -  `limit_conn` and `limit_req` should be set \"with a reasonable setting balancing application performance and security\"\n\n## If you want to remove `http2` support\n\n- Remove reference to `http2` in the listening part\n\n### DDoS protection / CDNs\n\nWeb apps that are behind the following DDoS protection providers / CDNs should not be impacted:\n\n- AWS\n- Cloudflare\n- Google Cloud\n- Microsoft Azure\n", "creation_timestamp": "2026-06-09T03:35:55.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/74181123-96eb-4cfb-b823-36bace3b3102/export</guid>
      <pubDate>Tue, 09 Jun 2026 03:35:55 +0000</pubDate>
    </item>
    <item>
      <title>c80a318d-b09e-4320-9c84-00832f4bcb53</title>
      <link>https://vulnerability.circl.lu/sighting/c80a318d-b09e-4320-9c84-00832f4bcb53/export</link>
      <description>{"uuid": "c80a318d-b09e-4320-9c84-00832f4bcb53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/LhIaoh3_gVTYhhCtIaB2hHXuGQagt5GRqp2XlP3YfDwVpSU", "content": "", "creation_timestamp": "2026-06-06T21:00:04.000000Z"}</description>
      <content:encoded>{"uuid": "c80a318d-b09e-4320-9c84-00832f4bcb53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/LhIaoh3_gVTYhhCtIaB2hHXuGQagt5GRqp2XlP3YfDwVpSU", "content": "", "creation_timestamp": "2026-06-06T21:00:04.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c80a318d-b09e-4320-9c84-00832f4bcb53/export</guid>
      <pubDate>Sat, 06 Jun 2026 21:00:04 +0000</pubDate>
    </item>
    <item>
      <title>0021d796-5f6d-4036-afaa-6f1565f865d5</title>
      <link>https://vulnerability.circl.lu/sighting/0021d796-5f6d-4036-afaa-6f1565f865d5/export</link>
      <description>{"uuid": "0021d796-5f6d-4036-afaa-6f1565f865d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/bDRsekGT6KsUOKSAQI-KSXDhypQzzgL-gjqbTcCXe2h_h6A", "content": "", "creation_timestamp": "2026-05-15T21:00:05.000000Z"}</description>
      <content:encoded>{"uuid": "0021d796-5f6d-4036-afaa-6f1565f865d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/bDRsekGT6KsUOKSAQI-KSXDhypQzzgL-gjqbTcCXe2h_h6A", "content": "", "creation_timestamp": "2026-05-15T21:00:05.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/0021d796-5f6d-4036-afaa-6f1565f865d5/export</guid>
      <pubDate>Fri, 15 May 2026 21:00:05 +0000</pubDate>
    </item>
    <item>
      <title>eeca493d-39d2-461b-9788-e609d9a41a8b</title>
      <link>https://vulnerability.circl.lu/sighting/eeca493d-39d2-461b-9788-e609d9a41a8b/export</link>
      <description>{"uuid": "eeca493d-39d2-461b-9788-e609d9a41a8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/eiq80vTfK0uEvpSaVkLstXl9YEDfyEgGUyA39bKhe3J3sOM", "content": "", "creation_timestamp": "2026-04-24T09:00:04.000000Z"}</description>
      <content:encoded>{"uuid": "eeca493d-39d2-461b-9788-e609d9a41a8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/eiq80vTfK0uEvpSaVkLstXl9YEDfyEgGUyA39bKhe3J3sOM", "content": "", "creation_timestamp": "2026-04-24T09:00:04.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/eeca493d-39d2-461b-9788-e609d9a41a8b/export</guid>
      <pubDate>Fri, 24 Apr 2026 09:00:04 +0000</pubDate>
    </item>
    <item>
      <title>6cbc5d06-ab29-4cc9-8973-b0d5bfc1bf7e</title>
      <link>https://vulnerability.circl.lu/sighting/6cbc5d06-ab29-4cc9-8973-b0d5bfc1bf7e/export</link>
      <description>{"uuid": "6cbc5d06-ab29-4cc9-8973-b0d5bfc1bf7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}</description>
      <content:encoded>{"uuid": "6cbc5d06-ab29-4cc9-8973-b0d5bfc1bf7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/6cbc5d06-ab29-4cc9-8973-b0d5bfc1bf7e/export</guid>
      <pubDate>Thu, 19 Mar 2026 00:00:00 +0000</pubDate>
    </item>
    <item>
      <title>2d164614-88b7-48f8-8384-3a376a7f37ea</title>
      <link>https://vulnerability.circl.lu/sighting/2d164614-88b7-48f8-8384-3a376a7f37ea/export</link>
      <description>{"uuid": "2d164614-88b7-48f8-8384-3a376a7f37ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0287/", "content": "", "creation_timestamp": "2026-03-13T00:00:00.000000Z"}</description>
      <content:encoded>{"uuid": "2d164614-88b7-48f8-8384-3a376a7f37ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0287/", "content": "", "creation_timestamp": "2026-03-13T00:00:00.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/2d164614-88b7-48f8-8384-3a376a7f37ea/export</guid>
      <pubDate>Fri, 13 Mar 2026 00:00:00 +0000</pubDate>
    </item>
  </channel>
</rss>
