CVE-2026-27141
published 2026-02-26
CVE-2026-27141: Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic
Priority P344 · high · 7.5 · CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS 0.50% (39.0th percentile)
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic
Affected
26 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | golang-golang-x-net | — | — |
| github.com | traefik_traefik_v2 | >= 0 < 2.11.40 | 2.11.40 |
| github.com | traefik_traefik_v3 | >= 0 < 3.6.10 | 3.6.10 |
| golang.org | x_net | >= 0.50.0 < 0.51.0 | 0.51.0 |
| golang.org | x_net_golang.org_x_net_http2 | >= 0.50.0 < 0.51.0 | 0.51.0 |
| msrc | azl3_application-gateway-kubernetes-ingress_1.7.7-3 | — | — |
| msrc | azl3_azcopy_10.25.1-4 | — | — |
| msrc | azl3_azurelinux-image-tools_1.2.0-1 | — | — |
| msrc | azl3_cert-manager_1.12.15-6 | — | — |
| msrc | azl3_cf-cli_8.7.11-5 | — | — |
| msrc | azl3_cloud-provider-kubevirt_0.5.1-3 | — | — |
| msrc | azl3_containerd2_2.0.0-18 | — | — |
| msrc | azl3_containerized-data-importer_1.62.0-2 | — | — |
| msrc | azl3_coredns_1.11.4-14 | — | — |
| msrc | azl3_cri-tools_1.32.0-4 | — | — |
| msrc | azl3_docker-buildx_0.14.0-10 | — | — |
| msrc | azl3_docker-cli_25.0.7-2 | — | — |
| msrc | azl3_docker-compose_2.27.0-8 | — | — |
| msrc | azl3_etcd_3.5.21-1 | — | — |
| msrc | azl3_flannel_0.24.2-24 | — | — |
| msrc | azl3_gh_2.62.0-13 | — | — |
| msrc | azl3_git-lfs_3.6.1-2 | — | — |
| msrc | azl3_influxdb_2.7.5-13 | — | — |
| msrc | azl3_jx_3.10.182-3 | — | — |
| msrc | azl3_kata-containers_3.19.1.kata2-6 | — | — |
CVSS provenance
nvd · v3.1 · 7.5 · HIGH · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
ghsa · 7.5 · HIGH
osv · 7.5 · HIGH
vendor_debian · 7.5 · LOW
vendor_msrc · 7.5 · HIGH
vendor_redhat · 7.5 · HIGH
vendor_ubuntu · 7.5 · HIGH
Ubuntu
ADSys vulnerabilities
vendor_ubuntu·2026-06-15·CVSS 7.5
CVE-2026-33814 [HIGH] ADSys vulnerabilities
Summary: Several security issues were fixed in ADSys.
It was discovered that ADSys did not properly handle certain HTTP/2 frames.
A remote attacker could possibly use this issue to cause a denial of
service. This issue only affected Ubuntu 26.04 LTS. (CVE-2026-27141)
It was discovered that ADSys did not properly handle certain HTTP/2
SETTINGS frames. A remote attacker could possibly use this issue to cause a
denial of service. (CVE-2026-33814)
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
golang.org/x/net/http2: golang.org/x/net/http2: Denial of Service due to malformed HTTP/2 frames
vendor_redhat·2026-02-26·CVSS 7.5
CVE-2026-27141 [HIGH] CWE-476 golang.org/x/net/http2: golang.org/x/net/http2: Denial of Service due to malformed HTTP/2 frames
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic
A flaw was found in golang.org/x/net/http2. A remote attacker can exploit this vulnerability by sending specially crafted HTTP/2 frames, which are data packets used in the HTTP/2 protocol. Due to a missing check for null values, processing these specific frames (types 0x0a through 0x0f) can cause the server to crash. This leads to a Denial of Service (DoS) condition, making the affected server unavailable to legitimate users.
Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and d
Microsoft
Sending certain HTTP/2 frames can cause a server to panic in golang.org/x/net
vendor_msrc·2026-02-10·CVSS 7.5
CVE-2026-27141 [HIGH] CWE-476 Sending certain HTTP/2 frames can cause a server to panic in golang.org/x/net
Mariner: Mariner
Go: Go
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade
Debian
CVE-2026-27141: golang-golang-x-net - Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running s...
vendor_debian·2026·CVSS 7.5
CVE-2026-27141 [HIGH] CVE-2026-27141: golang-golang-x-net - Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running s...
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
GHSA
Traefik: HTTP/2 frames can cause a running server to panic
ghsa·2026-03-12·CVSS 7.5
CVE-2026-27141 [HIGH] CWE-476 Traefik: HTTP/2 frames can cause a running server to panic
## Summary
More Details:
- https://nvd.nist.gov/vuln/detail/CVE-2026-27141
- https://pkg.go.dev/golang.org/x/net/http2?tab=versions
## Patches
- https://github.com/traefik/traefik/releases/tag/v3.6.10
- https://github.com/traefik/traefik/releases/tag/v2.11.40
## For more information
If you have any questions or comments about this advisory, please [open an issue](https://github.com/traefik/traefik/issues).
OSV
Traefik: HTTP/2 frames can cause a running server to panic
osv·2026-03-12·CVSS 7.5
CVE-2026-27141 [HIGH] Traefik: HTTP/2 frames can cause a running server to panic
OSV
CVE-2026-27141: Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic
osv·2026-02-26·CVSS 7.5
CVE-2026-27141 [HIGH] CVE-2026-27141: Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic
GHSA
GHSA-8fj7-8h3w-xwfm: Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic
ghsa_unreviewed·2026-02-26
CVE-2026-27141 [HIGH] CWE-476 GHSA-8fj7-8h3w-xwfm: Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic
OSV
Sending certain HTTP/2 frames can cause a server to panic in golang.org/x/net
osv·2026-02-26
CVE-2026-27141 Sending certain HTTP/2 frames can cause a server to panic in golang.org/x/net
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2026-27141 golang: golang.org/x/net/http2: Denial of Service due to malformed HTTP/2 frames [fedora-42]
bugzilla·2026-02-27·CVSS 7.5
CVE-2026-27141 [HIGH] CVE-2026-27141 golang: golang.org/x/net/http2: Denial of Service due to malformed HTTP/2 frames [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy to close all bug reports from releases that are no longer
maintained. At that time this bug will be closed as EOL if it remains open with a
'version' of '42'.
Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintaine
Bugzilla
CVE-2026-27141 golang.org/x/net/http2: golang.org/x/net/http2: Denial of Service due to malformed HTTP/2 frames
bugzilla·2026-02-26·CVSS 7.5
CVE-2026-27141 [HIGH] CVE-2026-27141 golang.org/x/net/http2: golang.org/x/net/http2: Denial of Service due to malformed HTTP/2 frames
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic
Wiz
CVE-2026-27141 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.5
CVE-2026-27141 [HIGH] CVE-2026-27141 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-27141: Grafana vulnerability analysis and mitigation
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic
Source: NVD
Score 7.5
Published February 26, 2026
Severity HIGH
CNA Score 7.5
Affected Technologies
Grafana
Podman
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 5.9
Exploitation Probability (EPSS) N/A
Affected packages and libraries
crossplane-provider-aws-wafv2
seaweedfs-operator-fips
Sources
NVD
CBL-Mariner 3.0 Severity HIGH Has Fix Added at: Mar 14, 2026
Chainguard Has Fix Added at: Mar 03, 2026
GoLang Severity HIGH Has Fix Added at: Mar 13, 2026
Red Hat 8, 9, 10 Severity MEDIUM No Fix Added at: Mar 02, 2026
Published 2026-02-26