SUSE-SU-2026:21832-1 Security update for nginx

This update for nginx fixes the following issues - CVE-2026-27651: denial of service via undisclosed requests when the ngxmailauthhttpmodule is enabled bsc1260415. - CVE-2026-32647: NGINX worker memory over-read or over-write via a specially crafted MP4 file bsc1260420. - CVE-2026-40701: heap...

CLSA-2026-1779282813 Fix CVE(s): CVE-2026-42945

SECURITY UPDATE: heap buffer overflow in ngxhttprewritemodule when an unnamed PCRE capture group with '?' in the replacement is followed by another rewrite, if, or set directive - debian/patches/CVE-2026-42945.patch: clear isargs flag at the start of ngxhttpscriptregexendcode in...

Exploit for CVE-2026-42945

CVE-2026-42945 NGINX Rift — defensive scanner Organizations...

CLSA-2026-1778895590 nginx: Fix of CVE-2026-42945

CVE-2026-42945: fix heap buffer overflow in ngxhttprewritemodule...

UBUNTU-CVE-2026-42945

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression PCRE capture for example, $1, $2 with a replacement strin...

Buffer overflow in the ngx_http_rewrite_module

Buffer overflow in the ngxhttprewritemodule Severity: medium CVE-2026-42945 Not vulnerable: 1.31.0+, 1.30.1+ Vulnerable: 0.6.27-1.30.0...