Browse all 4 CVE security advisories affecting nghttp2. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-27135 | nghttp2 Denial of service: Assertion failure due to the missing state validation — nghttp2CWE-617 | 7.5 | High | 2026-03-18 |
| CVE-2024-28182 | Reading unbounded number of HTTP/2 CONTINUATION frames to cause excessive CPU usage — nghttp2CWE-770 | 5.3 | Medium | 2024-04-04 |
| CVE-2020-11080 | Denial of service in nghttp2 — nghttp2CWE-707 | 3.7 | Low | 2020-06-03 |
| CVE-2016-1544 | Nghttp2 资源管理错误漏洞 — nghttp2 | 6.2 | - | 2020-02-06 |
This page lists every published CVE security advisory associated with nghttp2. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.