Analysis updated 2026-05-18
Reproduce CVE-2026-23918 in a Docker lab to verify a patch is effective
Study a real-world double-free vulnerability class for security research
Test detection tooling against a known Apache httpd exploit in a controlled environment
| striga-ai/cve-2026-23918 | aevella/sky-pc-mcp-companion | alicankiraz1/gemma-4-31b-mtp-vllm-server | |
|---|---|---|---|
| Stars | 26 | 26 | 26 |
| Language | Python | Python | Python |
| Setup difficulty | moderate | moderate | hard |
| Complexity | 4/5 | 3/5 | 4/5 |
| Audience | researcher | vibe coder | ops devops |
Figures from each repo's GitHub metadata at analysis time.
Requires Docker and Python 3, exploitation is probabilistic and may take minutes to hours to succeed.
This repository contains a proof-of-concept (PoC) exploit, a working demonstration that a security vulnerability is real and exploitable, for a flaw tracked as CVE-2026-23918 in Apache httpd, one of the most widely used web server software packages. The specific flaw is a "double-free" bug in the mod_http2 module, which handles the HTTP/2 network protocol. A double-free happens when a program tries to release the same piece of memory twice, which can corrupt internal data structures and in some cases be weaponized by an attacker to run arbitrary commands on the server. The README notes this is a pre-auth vulnerability, meaning an attacker does not need to log in or have any existing credentials, a network connection alone is sufficient to attempt the exploit. The affected versions are Apache httpd 2.4.66 with mod_http2 enabled, and the bug was fixed in version 2.4.67. The repository includes scripts to spin up a vulnerable server inside Docker (a containerized environment for safe testing), helper scripts to extract the specific memory addresses needed, and the exploit itself. The README notes that successful exploitation is probabilistic and may take anywhere from minutes to hours. This is intended as a security research tool: verifying patches, studying the exploit class, or testing detection tools in a controlled lab environment. The code is written in Python and requires Docker to run the vulnerable test environment.
A proof-of-concept exploit for a patched pre-auth double-free bug in Apache httpd's mod_http2 module.
Mainly Python. The stack also includes Python, Docker.
Setup difficulty is rated moderate, with roughly 1h+ to a first successful run.
Mainly researcher.
This repo across BitVibe Labs
Verify against the repo before relying on details.