Skip to content

News
Cybercrime
Risk
Policy
Privacy
Research
Cloud
Insurance

LinkedIn
Facebook

HTTP/2 Bomb

Researchers find HTTP/2 flaw that can trigger rapid denial of service on major servers

News, Research, Risk, Vulnerabilities

June 3, 2026

Researchers say a new HTTP/2 denial-of-service flaw can hit major web servers, including NGINX, Apache HTTPD and Microsoft IIS. The issue can rapidly exhaust memory and may be difficult to block in default configurations.

About
Editorial Policy
Privacy
Contact