All 4 CVE vulnerabilities found in nghttp2, with AI-generated Chinese analysis, references, and POCs.
Vendor: nghttp2
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-27135 | nghttp2 Denial of service: Assertion failure due to the missing state validation CWE-617 | 7.5 | High | 2026-03-18 |
| CVE-2024-28182 | Reading unbounded number of HTTP/2 CONTINUATION frames to cause excessive CPU usage CWE-770 | 5.3 | Medium | 2024-04-04 |
| CVE-2020-11080 | Denial of service in nghttp2 CWE-707 | 3.7 | Low | 2020-06-03 |
| CVE-2016-1544 | Nghttp2 资源管理错误漏洞 | 6.2 | - | 2020-02-06 |
All 4 known CVE vulnerabilities affecting nghttp2 with full Chinese analysis, references, and POCs where available.