https://ap7i.com/tags/apache/ Recent content in Apache on ap7i.com Hugo en-us Sun, 10 May 2026 12:36:47 -0400 https://ap7i.com/posts/apache-http2-rce-cve-2026-23918/ Sun, 10 May 2026 12:36:47 -0400 https://ap7i.com/posts/apache-http2-rce-cve-2026-23918/ CVE-2026-23918 is a double-free in Apache 2.4.66’s mod_http2. Two frames crash the worker. On Debian and the official Docker image, the same bug becomes a viable RCE path. The fix shipped May 4.