Share
## https://sploitus.com/exploit?id=356D4D43-355E-5645-9153-794D0EB4C307
Apache HTTP Server: http2: Double Free and possible RCE on early reset (CVE-2026-23918). Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol.

This issue affects Apache HTTP Server: 2.4.66.

Users are recommended to upgrade to version 2.4.67, which fixes the issue.