2 matches found
Exploit for Missing Authentication for Critical Function in Nginxui Nginx_Ui
CVE-2026-33032 Scanner Non-destructive vulnerability scanne...
CVE-2026-33032
Nginx UI is a web user interface for the Nginx web server. In versions 2.3.5 and prior, the nginx-ui MCP Model Context Protocol integration exposes two HTTP endpoints: /mcp and /mcpmessage. While /mcp requires both IP whitelisting and authentication AuthRequired middleware, the /mcpmessage endpoi...