Debian DSA-6266-1 nghttp2 Critical DoS Exploit CVE-2026-27135

It was discovered that nghttp2, an implementation of the HTTP/2 protocol, could be crashed via an assertion failure. A remote attacker could exploit this to cause a DoS attack by sending a malformed frame immediately after triggering the termination path. For the oldstable distribution (bookworm), this problem has been fixedLinuxSecurity – Security AdvisoriesRead More