HTTP/2 Bomb: Memory Leak Enables DoS on Nginx, Apache, and IIS5. June 2026CybersecurityA memory leak in HTTP/2 implementations enables DoS attacks on Nginx, Apache HTTPD, and Microsoft IIS with just a 100-Mbps connection and standard hardware. Share on: