TencentOS Server 4: nginx (TSSA-2026:0279)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0279 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

USN-8210-1 nginx vulnerabilities

It was discovered that the nginx ngxmailauthhttpmodule module incorrectly handled certain requests. An attacker could possibly use this issue to cause nginx to crash, resulting in a denial of service. CVE-2026-27651 It was discovered that the nginx ngxhttpdavmodule module incorrectly handled...

Linux Distros Unpatched Vulnerability : CVE-2026-28753

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NGINX Plus and NGINX Open Source have a vulnerability in the ngxmailsmtpmodule module due to the improper handling of CRLF sequences in DNS responses. This allo...

CVE-2026-28753

NGINX Plus and NGINX Open Source have a vulnerability in the ngxmailsmtpmodule module due to the improper handling of CRLF sequences in DNS responses. This allows an attacker-controlled DNS server to inject arbitrary headers into SMTP upstream requests, leading to potential request manipulation...

CVE-2026-28753

NGINX Plus and NGINX Open Source have a vulnerability in the ngxmailsmtpmodule module due to the improper handling of CRLF sequences in DNS responses. This allows an attacker-controlled DNS server to inject arbitrary headers into SMTP upstream requests, leading to potential request manipulation...

Unity Linux 20.1070e Security Update: nginx (UTSA-2025-993314)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993314 advisory. NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication...

BIT-NGINX-GATEWAY-2025-53859 NGINX ngx_mail_smtp_module vulnerability

NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...

OESA-2025-2089 nginx security update

NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication...

Ubuntu 22.04 LTS / 24.04 LTS / 25.04 : nginx vulnerability (USN-7715-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by a vulnerability as referenced in the USN-7715-1 advisory. It was discovered that the nginx ngxmailsmtpmodule module incorrectly handled certain memory operations when doing SMTP authentication. This...