CVE-2026-23918 | Apache HTTP Server 2.4.66 HTTP/2 double free

A vulnerability has been found in Apache HTTP Server 2.4.66 and classified as critical. Affected by this vulnerability is an unknown functionality of the component HTTP2 Handler. The manipulation leads to double free.

This vulnerability is referenced as CVE-2026-23918. Remote exploitation of the attack is possible. No exploit is available.

The affected component should be upgraded.VulDB Recent EntriesRead More