A newly disclosed denial-of-service vulnerability, tracked as CVE-2026-49975, shows how long-known HTTP/2 weaknesses can still be chained into a highly effective modern attack. SecurityWeek reports that researchers at Calif demonstrated an HTTP/2 Bomb exploit capable of knocking major web servers offline within seconds by combining a compression bomb with a Slowloris-style hold that prevents the […]
The post CVE-2026-49975: HTTP/2 Bomb Attack Can Knock Web Servers Offline in Seconds appeared first on SOC Prime.