6244 matches found

Rosalinux
added 2026/03/15 5:47 p.m., 7 views

Advisory ROSA-SA-2026-3206

software: nginx 1.28.2 OS: ROSA-CHROME unaffected versions = nginx-1.28.2-1 affected versions nginx-1.28.2-1 CVE-ID: CVE-2026-1642 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in NGINX OSS and NGINX Plus when proxying to upstream TLS servers allows an attacker in a man-in-the-middle...

CVSS 8.2 | AI score 6 | EPSS 0.00331
Exploits: 0
Rosalinux
added 2026/03/15 5:44 p.m., 7 views

Advisory ROSA-SA-2026-3205

software: angie 1.11.3 OS: ROSA-CHROME unaffected versions = angie-1.11.3-1 affected versions angie-1.11.3-1 CVE-ID: CVE-2026-1642 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in NGINX OSS and NGINX Plus when proxying to upstream TLS servers allows an attacker in a man-in-the-middle...

CVSS 8.2 | AI score 6 | EPSS 0.00331
Exploits: 0
OSV
added 2026/03/15 5:55 a.m., 2 views

OESA-2026-1572 nginx security update

NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security (TLS) servers. An attacker with a man-in-the-middle MI...

CVSS 8.2 | AI score 5.8 | EPSS 0.00331
Exploits: 0 | References: 2
GithubExploit
added 2026/03/14 2:43 a.m., 146 views

Exploit for Missing Encryption of Sensitive Data in Nginxui Nginx_Ui

CVE-2026-27944 PoC Description CVE-2026-27944 is an identi...

CVSS 9.8 | AI score 5.8 | EPSS 0.22162
Exploits: 12
OSV
added 2026/03/12 10:44 a.m., 3 views

CLSA-2026-1773312266 nginx: Fix of CVE-2026-1642

CVE-2026-1642: fix upstream TLS MITM ability to inject plaintext into proxied responses; enforce stricter TLS verification and integrity checks...

CVSS 8.2 | AI score 7.4 | EPSS 0.00331
Exploits: 0 | References: 1
OSV
added 2026/03/12 8:44 a.m., 5 views

BIT-NGINX-INGRESS-CONTROLLER-2026-3288 ingress-nginx rewrite-target nginx configuration injection

A security issue was discovered in ingress-nginx where the nginx.ingress.kubernetes.io/rewrite-target Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible t...

CVSS 8.8 | AI score 6.3 | EPSS 0.06669
Exploits: 1 | References: 4
Rockylinux
added 2026/03/12 12:4 a.m., 11 views

nginx:1.26 security update

An update is available for module.nginx, nginx. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. nginx is a web and proxy server supporting HTTP and other...

CVSS 8.2 | AI score 5.8 | EPSS 0.00331
Exploits: 0
OSV
added 2026/03/12 12:4 a.m., 8 views

RLSA-2026:4235 Moderate: nginx:1.26 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections (CVE-2026-1642). For more details about the security issues,...

CVSS 5.9 | AI score 5.8 | EPSS 0.00331
Exploits: 0 | References: 2
Tenable Nessus
added 2026/03/12 12:0 a.m., 12 views

Ingress-NGINX Controller < 1.13.8 / 1.14.x < 1.14.4 / 1.15.x < 1.15.0 Configuration Injection

The version of Ingress-NGINX controller installed on the remote host is prior to 1.13.8, 1.14.4, or 1.15.0. It is, therefore, affected by a configuration injection vulnerability. A security issue was discovered in ingress-nginx where the nginx.ingress.kubernetes.io/rewrite-target Ingress annotati...

CVSS 8.8 | AI score 7.7 | EPSS 0.06669
Exploits: 1 | References: 2
Tenable Nessus
added 2026/03/12 12:0 a.m., 5 views

Oracle Linux 9 : nginx:1.26 (ELSA-2026-4235)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-4235 advisory. 2:1.26.3-2.0.1 - Require oracle-indexhtml Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Ness...

CVSS 8.2 | AI score 6.1 | EPSS 0.00331
Exploits: 0 | References: 2
OSV
added 2026/03/11 10:12 a.m., 3 views

RHSA-2026:4235 Red Hat Security Advisory: nginx:1.26 security update

Bulletin has no description...

CVSS 5.9 | AI score 5.7 | EPSS 0.00331
Exploits: 0 | References: 8
RedhatCVE
added 2026/03/11 7:8 a.m., 3 views

CVE-2026-3288

A security issue was discovered in ingress-nginx where the nginx.ingress.kubernetes.io/rewrite-target Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible t...

CVSS 8.8 | AI score 6.2 | EPSS 0.06669
Exploits: 1 | References: 1
Oracle Linux
added 2026/03/11 12:0 a.m., 8 views

nginx:1.26 security update

2:1.26.3-2.0.1 - Require oracle-indexhtml...

CVSS 8.2 | AI score 5.8 | EPSS 0.00331
Exploits: 0
Tenable Nessus
added 2026/03/11 12:0 a.m., 9 views

AlmaLinux 9 : nginx:1.26 (ALSA-2026:4235)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:4235 advisory. nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 Tenable has extracted the preceding description block directly...

CVSS 8.2 | AI score 6.1 | EPSS 0.00331
Exploits: 0 | References: 3
Tenable Nessus
added 2026/03/11 12:0 a.m., 3 views

RockyLinux 9 : nginx:1.26 (RLSA-2026:4235)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:4235 advisory. nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 Tenable has extracted the preceding description block directly...

CVSS 8.2 | AI score 6.1 | EPSS 0.00331
Exploits: 0 | References: 3
Packet Storm
added 2026/03/11 12:0 a.m., 167 views

Nginx UI 2.3.3 Backup Decryption Mass Scanner

This Python tool is a multi‑threaded scanner and exploitation utility designed to identify and validate the vulnerability CVE-2026-27944 affecting Nginx UI versions 2.3.2 and below. The script supports scanning single hosts, CIDR ranges, or target lists, and checks multiple common web service...

CVSS 9.8 | AI score 5.8 | EPSS 0.22162
Exploits: 12
Packet Storm
added 2026/03/11 12:0 a.m., 184 views

Nginx UI 2.3.3 Unauthenticated Backup Disclosure / Decryption

This Python proof‑of‑concept demonstrates an unauthenticated information disclosure vulnerability in Nginx UI tracked as CVE-2026-27944. The vulnerability allows a remote attacker to access the /api/backup endpoint without authentication and retrieve a backup archive of the server configuration...

CVSS 9.8 | AI score 5.8 | EPSS 0.22162
Exploits: 12
Redos
added 2026/03/11 12:0 a.m., 4 views

ROS-20260311-73-0013

Vulnerability in golang-k8s-ingress-nginx related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 6.5 | AI score 5.8 | EPSS 0.0046
Exploits: 1
Redos
added 2026/03/11 12:0 a.m., 3 views

ROS-20260311-73-0012

Vulnerability in golang-k8s-ingress-nginx related to insufficient checking for unusual or exceptional states. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 3.1 | AI score 5.8 | EPSS 0.00278
Exploits: 0
RedHat Linux
added 2026/03/10 10:41 p.m., 1 views

nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections

A flaw was found in NGINX. When NGINX is configured to proxy to upstream Transport Layer Security (TLS) servers, an attacker with a man-in-the-middle (MITM) position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data into the response...

CVSS 8.2 | AI score 5.8 | EPSS 0.00331
Exploits: 0 | References: 5