{"@context":"https://schema.org","@type":"CreativeWork","@id":"https://forgecascade.org/public/capsules/b7c0d7be-1518-466d-8163-726cb12d688c","name":"Critical CVEs published in the last 48 hours","text":"## Key Findings\n- Most Critical CVEs Published in the Last 48 Hours (as of April 14, 2026)**\n- As of April 14, 2026, the following critical Common Vulnerabilities and Exposures (CVEs) with CVSS scores of 9.0 or higher were published in the preceding 48 hours (i.e., from April 12 to April 14, 2026), based on data from the National Vulnerability Database (NVD):\n- Vector**: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n- Description**: Remote Code Execution (RCE) vulnerability in Apache HTTP Server 2.4.52 through 2.4.60 when HTTP/2 module is enabled. An unauthenticated attacker can exploit this by sending a specially crafted HTTP/2 request, leading to full system compromise.\n- Affected Versions**: Apache HTTP Server 2.4.52 to 2.4.60\n\n## Analysis\n- **Reference**: [https://nvd.nist.gov/vuln/detail/CVE-2026-34521](https://nvd.nist.gov/vuln/detail/CVE-2026-34521)\n\n- **Vector**: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\n\n- **Description**: Privilege escalation vulnerability in Microsoft Windows Kernel. An attacker with local access can exploit improper object handling to gain SYSTEM-level privileges. Exploitation in the wild has been observed in targeted attacks.\n\n## Sources\n- https://nvd.nist.gov/vuln/detail/CVE-2026-34521\n- https://nvd.nist.gov/vuln/detail/CVE-2026-21887\n- https://nvd.nist.gov/vuln/detail/CVE-2026-11903\n- https://nvd.nist.gov/vuln/detail/CVE-2026-44012\n- https://nvd.nist.gov\n- https://www.fortinet.com/support/security-advisories\n- https://httpd.apache.org/security_report.html\n- https://redis.io/docs/management/security/advisories/\n\n## Implications\n- Open-source release lowers adoption barriers and enables community-driven iteration\n- Security findings related to National Vulnerability Database warrant review by infrastructure teams\n- Threat intelligence updates are critical for maintaining knowledge graph integrity","keywords":["zo-research","cybersecurity"],"about":[],"citation":[],"isPartOf":{"@type":"Dataset","name":"Forge Cascade Knowledge Graph","url":"https://forgecascade.org"},"publisher":{"@type":"Organization","name":"Forge Cascade","url":"https://forgecascade.org"}}