CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SUSE CVE•added 2026/03/25 12:27 a.m.•3 views

SUSE CVE-2026-27651

7.5CVSS5.9AI score0.00064EPSS

Exploits0References10

OSV•added 2026/03/24 3:16 p.m.•0 views

ALPINE-CVE-2026-27651

7.5CVSS5.9AI score0.00064EPSS

NVD•added 2026/03/24 3:16 p.m.•2 views

CVE-2026-27651

8.7CVSS0.00064EPSS

Vulnrichment•added 2026/03/24 2:13 p.m.•3 views

CVE-2026-27651 NGINX ngx_mail_auth_http_module vulnerability

ATTACKERKB•added 2026/03/24 2:13 p.m.•17 views

CVE-2026-27651

Exploits0References2Affected Software1

Cvelist•added 2026/03/24 2:13 p.m.•19 views

CVE-2026-27651 NGINX ngx_mail_auth_http_module vulnerability

8.7CVSS0.00064EPSS

F5 Networks•added 2026/03/24 1:31 p.m.•3 views

K000160383: NGINX ngx_mail_auth_http_module vulnerability CVE-2026-27651

Security Advisory Description When the ngxmailauthhttpmodule module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when 1 CRAM-MD5 or APOP authentication is enabled, and 2 the authentication server permits retry by...

Exploits0Affected Software30

Tenable Nessus•added 2026/03/24 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2026-27651

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When the ngxmailauthhttpmodule module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue ma...

OSV•added 2025/12/03 11:44 a.m.•3 views

BIT-NGINX-GATEWAY-2025-53859 NGINX ngx_mail_smtp_module vulnerability

NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...

6.3CVSS6.8AI score0.00034EPSS

Exploits0References3

OSV•added 2025/09/05 12:42 p.m.•1 views

OESA-2025-2136 nginx security update

NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication...

OSV•added 2025/08/29 11:18 a.m.•1 views

OESA-2025-2089 nginx security update

OSV•added 2025/08/29 11:18 a.m.•1 views

OESA-2025-2087 nginx security update

Tenable Nessus•added 2025/08/22 12:0 a.m.•18 views

nginx 0.7.22 < 1.29.1 Information Disclosure

According to its Sever response header, the installed version of nginx is 0.7.22 prior to 1.29.1. It is, therefore, affected by the following issue : - NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SM...

6.3CVSS5.8AI score0.00034EPSS

Exploits0References3

Amazon•added 2025/08/19 12:0 a.m.•1 views

Low: nginx

Issue Overview: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server...