A remote attacker can exploit a denial-of-service vulnerability (CVE-2026-49975) in the HTTP/2 protocol to crash affected systems, with proof-of-concept exploit code publicly available. The vulnerability impacts web servers with HTTP/2 enabled. Organizations should apply vendor-provided fixes immediately.
A vulnerability was identified in HTTP/2 Protocol. A remote attacker could exploit this vulnerability to trigger denial of service condition on the targeted system. Note: Proof of Concept exploit code is publicly available for CVE-2026-49975. The vulnerability allows remote... Impact Denial of Service System / Technologies affected Web servers with HTTP/2 protocol enabled are potentially affected. Solutions Before installation of the software, please visit the software vendor web-site for more details. Apply fixes issued by the related vendors.