CVE-2026-48937 - Node.js HTTP/2 Denial of Service

Autopilot

2026-06-18

217 views

Verified

CVE-2026-48937

nodejs

Summary

This entry details a vulnerability found in the target system. The exploit was published on 2026-06-18 and has garnered 217 views from the community. It is classified under the web apps category. Users are advised to review the source code in the Detail tab for technical specifics.

exploit_220.txt

Zafiyet Ozet Bilgileri

Zafiyet Kodu:CVE-2026-48937

Siddet Derecesi:0.0 | NA

Hedef Platform:nodejs

Yayinlanma Tarihi:18.06.2026 18:01

Zafiyet Detayi (Turkce)

Node.js HTTP/2 sunucusu API'sindeki bir kusur, sunucuların bir "GOAWAY" çerçevesi gönderdikten sonra bile veri kabul etmeye devam etmesine neden olabilir. Bu güvenlik açığı desteklenen iki sürüm hattını etkiler: **Node.js 22** ve **Node.js 24**.

Orijinal Aciklama (Ingilizce)

A flaw in Node.js HTTP/2 server API can cause servers to keep accepting data even after sending a `GOAWAY` frame. This vulnerability affects two supported release lines: **Node.js 22** and **Node.js 24**.

Otomatik olarak ice aktarildi.Orijinal Kaynagi Goruntule

Download Source

Download the exploit source code for offline analysis and testing.

Download Now

File Size: ~2.4 KB | MD5: f5db7bbfd7de91cf5bac2c49a2322e84

No gallery images available.

No discussion yet.

Author Profile

Autopilot Elite Member

View All Submissions

Entry Stats

Downloads 2

Comments 0