Skip to main content
Services
How We Work
Technology
Results
Resources
Company
Log in
Get Assessment
Vulnerability Intelligence
ELSA-2026-7666
ELSA-2026-7666
UNKNOWN
ELSA-2026-7666: nghttp2 security update (IMPORTANT)
Published Apr 12, 2026
Modified 4 days ago
Fix available
Details
[1.64.0-2.1]
fix Denial of service: Assertion failure due to the missing state validation (CVE-2026-27135)
Affected Packages
libnghttp2
OracleLinux 10
Fixed in:
0:1.64.0-2.el10_1.1
libnghttp2-devel
OracleLinux 10
Fixed in:
0:1.64.0-2.el10_1.1
nghttp2
OracleLinux 10
Fixed in:
0:1.64.0-2.el10_1.1
Related
CVE-2026-27135
Ecosystems
OracleLinux 10
Timeline
Published
Apr 12, 2026
Modified
Apr 12, 2026
ELSA-2026-7666 | Mondoo Vulnerability Intelligence