striga-ai / CVE-2026-23918

Public

Apache httpd mod_http2 double-free, pre-auth RCE PoC

100% credibility

Found May 12, 2026 at 15 stars -- GitGems finds repos before they trend. Get early access to the next one.

AI Analysis

Python

AI Summary

This repository provides a proof-of-concept demonstration of CVE-2026-23918, a double-free vulnerability in Apache httpd mod_http2 enabling remote code execution before authentication, complete with a vulnerable test environment setup.

How It Works

🔍 Discover the security demo

You find this GitHub project that shows a flaw in a popular web server software.

📖 Read the guide

You learn how this tool helps demonstrate the issue safely in a test setup.

🛠️ Prepare test playground

You create an isolated sandbox with the flawed web server version ready to go.

▶️ Launch test server

You start the vulnerable server on your computer, accessible only to you.

📍 Spot key locations

You run a quick helper to pinpoint special spots inside the server's memory.

🚀 Trigger the demo

You fire off the demonstration to watch the flaw activate in your safe test.

🔍 Check for proof

You peek inside the test server to see if your command left a mark.

✅ Vulnerability confirmed

Success! You've safely reproduced the security issue and learned from it.

Sign up to see the full architecture

6 more

Star Growth

See how this repo grew from 15 to 15 stars Sign Up Free

Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose

AI-Generated Review

What is CVE-2026-23918?

This Python-based project delivers a proof-of-concept exploit for CVE-2026-23918, a double-free vulnerability in Apache HTTP Server's mod_http2 stream cleanup that enables pre-auth remote code execution. It sets up a vulnerable Apache httpd 2.4.66 environment via Docker, extracts key memory addresses like system() and scoreboard, then runs a multi-threaded spray-and-trigger attack over HTTP/2 to execute arbitrary commands. Developers get a complete repro for testing Apache httpd timeout issues or mod_http2 flaws, fixed in 2.4.67.

Why is it gaining traction?

Unlike scattered Apache GitHub httpd patches or unrelated repos like Apache Kafka and Superset, this offers a one-command Docker build for a multi-threaded MPM setup, plus CLI-driven address grabbing and probabilistic RCE demo. The pre-auth nature hooks security folks probing Apache httpd 2.4.41-style exploits without manual httpd.conf tweaks or Windows downloads. Its striga.ai writeup ties it to real-world discoveries, standing out in Apache GitHub actions noise.

Who should use this?

Security researchers validating Apache HTTP Server patches in event/worker MPM configs, pentestors simulating mod_http2 attacks on setups akin to Apache Flink or NiFi nodes, and httpd admins auditing 2.4.52-era deploys before upgrades. Ideal for teams needing quick Docker spins to test exploits like httpd 2.4.18 or 2.4.41 variants.

Verdict

Grab it for targeted vuln repros—solid Docker integration and CLI make it practical despite 15 stars and 1.0% credibility score signaling early maturity. Skip for production; pair with official Apache downloads for safe patching.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.

Stars

Forks

Followers

Base stars: 15 stars

Penalty: Very new repo (0d): -70%

Bonus: AI verified quality (100%)

Account age: 100 days

Repo age: 0 days

Updated: May 12, 2026