Codex Discovered a Hidden HTTP/2 Bomb
Yenrabbit
26 points
3 comments
June 02, 2026
Related Discussions
Found 5 related stories in 90.3ms across 9,294 title embeddings via pgvector HNSW
- Codex Hacked a Samsung TV campuscodi · 234 pts · April 16, 2026 · 51% similar
- Enabling Codex to Analyze Two Decades of Hacker News Data ronfriedhaber · 77 pts · April 02, 2026 · 50% similar
- How Codex Is Built tosh · 18 pts · March 08, 2026 · 48% similar
- Dead.Letter (CVE-2026-45185) – How XBOW found an unauthenticated RCE on Exim fedek_ · 66 pts · May 12, 2026 · 48% similar
- Mythos Finds a Curl Vulnerability TangerineDream · 638 pts · May 11, 2026 · 47% similar
Discussion Highlights (3 comments)
DiabloD3
After reading the article, I can conclude that Codex discovered nothing new. This is already something that is known, and if you're able to be targeted by this (which is not the majority of users) configure your httpd differently.
HDBaseT
Not ideal. This appears to be fixed as of April (at least for Apache). [0]. [0] - https://github.com/nginx/nginx/commit/365694160a85229a7cb006...
BobbyTables2
Couldn’t simple fuzzing have found this?