CVE-2025-31650

This exploit targets a memory leak in Apache Tomcat via invalid HTTP/2 priority headers, causing a Denial of Service (DoS). It sends malformed priority headers to trigger excessive memory consumption.

This PoC exploits CVE-2025-31650, a memory leak vulnerability in Apache Tomcat (10.1.10-10.1.39) by sending crafted HTTP/2 requests with invalid priority headers to trigger a DoS condition.

This PoC exploits CVE-2025-31650, a memory exhaustion vulnerability in Apache Tomcat, by sending malformed HTTP/2 priority headers to trigger a DoS condition. The script includes HTTP/2 support verification and async-based request flooding.

This PoC exploits CVE-2025-31650, a memory exhaustion vulnerability in Apache Tomcat, by sending malformed HTTP/2 priority headers to trigger a DoS condition. The script includes HTTP/2 support verification and scalable async-based attack capabilities.

This PoC demonstrates a Denial of Service (DoS) attack against Apache Tomcat 10.1.10 to 10.1.39 by flooding the server with malformed HTTP/2 priority headers. It uses asynchronous requests to overwhelm the target and includes real-time monitoring.

This is a functional DoS exploit for CVE-2025-31650 targeting Apache Tomcat 10.1.10-10.1.39 via malformed HTTP/2 priority headers. It uses async HTTP/2 requests to trigger memory leaks and crash the server.

This repository contains a Python-based scanner for detecting CVE-2025-31650, an HTTP/2 priority vulnerability in Apache Tomcat. It uses Shodan for target discovery and httpx for HTTP/2 vulnerability testing.