3 matches found
CVE-2026-48142
A flaw was found in NGINX. Remote, unauthenticated attackers can exploit a vulnerability in the ngxhttpcharsetmodule when specific charset configurations are present. This can lead to a heap buffer over-read, potentially causing limited disclosure of memory or a denial of service by restarting th...
SUSE-SU-2026:21832-1 Security update for nginx
This update for nginx fixes the following issues - CVE-2026-27651: denial of service via undisclosed requests when the ngxmailauthhttpmodule is enabled bsc1260415. - CVE-2026-32647: NGINX worker memory over-read or over-write via a specially crafted MP4 file bsc1260420. - CVE-2026-40701: heap...
NGINX ngx_http_charset_module vulnerability
...