6359 matches found
CVE-2026-8711
NGINX JavaScript has a vulnerability when the jsfetchproxy directive is configured with at least one client-controlled NGINX variable for example, $http, $arg, $cookie and a location invoking the ngx.fetch operation from NGINX JavaScript. An unauthenticated attacker can exploit this vulnerability...
CVE-2026-8711 NGINX JavaScript vulnerability
NGINX JavaScript has a vulnerability when the jsfetchproxy directive is configured with at least one client-controlled NGINX variable for example, $http, $arg, $cookie and a location invoking the ngx.fetch operation from NGINX JavaScript. An unauthenticated attacker can exploit this vulnerability...
CVE-2026-8711
NGINX JavaScript has a vulnerability when the jsfetchproxy directive is configured with at least one client-controlled NGINX variable for example, $http, $arg, $cookie and a location invoking the ngx.fetch operation from NGINX JavaScript. An unauthenticated attacker can exploit this vulnerability...
K000161307: NGINX ngx_http_js_module vulnerability CVE-2026-8711
Security Advisory Description NGINX JavaScript has a vulnerability when the jsfetchproxy directive is configured with at least one client-controlled NGINX variable for example, $http , $arg , $cookie and a location invoking the ngx.fetch operation from NGINX JavaScript. An unauthenticated attacke...
Advisory ROSA-SA-2026-3270
software: nginx 1.30.1 OS: ROSA-CHROME unaffected versions = nginx-1.30.1-1 affected versions nginx-1.30.1-1 CVE-ID: CVE-2026-42926 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in NGINX Open Source allows an attacker to inject frame headers and data into the upstream when proxying...
Advisory ROSA-SA-2026-3269
software: angie 1.11.5 AXIS: ROSA-CHROME unaffected versions = angie-1.11.5-1 affected versions angie-1.11.5-1 CVE-ID: CVE-2026-42945 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A heap buffer overflow vulnerability in the ngxhttprewritemodule NGINX Plus and NGINX Open Source module allows an...
Exploit for CVE-2026-42945
CVE-2026-42945 PoC Go This tool is designed for detecting a...
nginx security update
An update is available for nginx. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list nginx is a web and proxy server supporting HTTP and other protocols, with a...
RLSA-2026:18063 Critical: nginx security update
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 For more details about the security issues, including the impact, a CVSS...
Hackers Actively Exploit ‘Nginx Rift’ Vulnerability Affecting NGINX, F5 Products
Hackers are actively exploiting the Nginx Rift vulnerability affecting NGINX and F5 products, exposing servers to denial-of-service attacks...
RHSA-2026:18063 Red Hat Security Advisory: nginx security update
Bulletin has no description...
RHSA-2026:18041 Red Hat Security Advisory: nginx:1.24 security update
Bulletin has no description...
RHSA-2026:18029 Red Hat Security Advisory: nginx security update
Bulletin has no description...
CVE-2026-40460
creationtimestamp| type| source ---|---|--- 2026-05-19 08:05:32+00:00| seen| https://ccb.belgium.be/advisories/warning-multiple-vulnerabilities-nginx-leading-remote-code-execution-and-allowing-rate...
CVE-2026-42926
creationtimestamp| type| source ---|---|--- 2026-05-19 08:05:32+00:00| seen| https://ccb.belgium.be/advisories/warning-multiple-vulnerabilities-nginx-leading-remote-code-execution-and-allowing-rate 2026-06-06 19:00:11+00:00| published-proof-of-concept|...
nginx security update
2:1.26.3-2.0.1.el101.2 - Reference oracle-indexhtml within Requires Orabug: 33802044 2:1.26.3-8 - Fix release number 2:1.26.3-7 - Resolves: RHEL-176217 - nginx: NGINX: Arbitrary Code 2:1.26.3-6 - Resolves: RHEL-157874 CVE-2026-32647 nginx: NGINX: Denial of Service or Code Execution via specially...
nginx security update
2:1.20.1-24.0.1.el97.3 - Reference oracle-indexhtml within Requires Orabug: 33802044 - Remove Red Hat references Orabug: 29498217 - Update upstream references Orabug: 36579090 2:1.20.1-24.3 - Resolves: RHEL-176230 - nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 2:1.20.1-24.2...
ALSA-2026:19371 Critical: nginx:1.24 security update
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 For more details about the security issues, including the impact, a CVSS...
NGINX JavaScript 安全漏洞
NGINX JavaScript is an extension developed by NGINX as open source. There is a security vulnerability in NGINX JavaScript. This vulnerability arises when configuring NGINX variables controlled by the jsFetchProxy directive, which may lead to a heap buffer overflow, resulting in the restart of the...
ALSA-2026:19372 Critical: nginx:1.26 security update
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 For more details about the security issues, including the impact, a CVSS...