GHSA-c2gf-v879-257j: netty-codec-http2: ByteBuf Reference-Count Leak in DelegatingDecompressorFrameListener Leads to Memory Exhaustion
A vulnerability in the netty-codec-http2 library's DelegatingDecompressorFrameListener class can cause a ByteBuf reference-count leak. This leak occurs when a remote peer sends frames that trigger…
Read the full articleYou might also wanna read
Proof-of-Concept Exploit Released for Critical NGINX Heap Buffer Overflow (CVE-2026-42945)
exploit for CVE-2026-42945. Contribute to DepthFirstDisclosures/Nginx-Rift development by creating an account on GitHub.

WAF - WAF Release - 2026-05-15 - Emergency
This emergency release introduces two new rules to detect nginx heap buffer overflow and heap spray exploitation attempts targeting the rewr

NVD - CVE-2025-9033
Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code
CVE-2026-12043: Heap Double-Free Vulnerability Discovered in AWS Common Runtime aws-c-http Library
Bulletin ID: 2026-043-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 06/12/2026 11:45 AM PDT

WAF - WAF Release - 2025-08-07 - Emergency
This week’s highlight focuses on two critical vulnerabilities affecting key infrastructure and enterprise content management platforms. Both
Codex Publishes HTTP/2 Bomb: Remote DoS Exploit Targeting Major Web Servers
14 years ago, I helped break HTTP header compression, then was asked to review the fix, which became part of HTTP/2. Life has come full circ

Comments
Sign in to join the conversation.
No comments yet. Be the first.