CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SUSE CVE•added 2026/03/25 12:27 a.m.•3 views

SUSE CVE-2026-27651

7.5CVSS5.9AI score0.00064EPSS

Exploits0References10

EUVD•added 2026/03/24 3:30 p.m.•2 views

EUVD-2026-14880

OSV•added 2026/03/24 3:16 p.m.•0 views

ALPINE-CVE-2026-27651

7.5CVSS5.9AI score0.00064EPSS

NVD•added 2026/03/24 3:16 p.m.•2 views

CVE-2026-27651

8.7CVSS0.00064EPSS

Vulnrichment•added 2026/03/24 2:13 p.m.•3 views

CVE-2026-27651 NGINX ngx_mail_auth_http_module vulnerability

ATTACKERKB•added 2026/03/24 2:13 p.m.•18 views

CVE-2026-27651

Exploits0References2Affected Software1

Cvelist•added 2026/03/24 2:13 p.m.•19 views

CVE-2026-27651 NGINX ngx_mail_auth_http_module vulnerability

8.7CVSS0.00064EPSS

F5 Networks•added 2026/03/24 1:31 p.m.•4 views

K000160383: NGINX ngx_mail_auth_http_module vulnerability CVE-2026-27651

Security Advisory Description When the ngxmailauthhttpmodule module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when 1 CRAM-MD5 or APOP authentication is enabled, and 2 the authentication server permits retry by...

Exploits0Affected Software30

Positive Technologies•added 2026/03/24 12:0 a.m.•2 views

PT-2026-27429

Name of the Vulnerable Software and Affected Versions NGINX Open Source affected versions not specified NGINX Plus affected versions not specified Description When the ngx mail auth http module module is enabled, certain undisclosed requests can lead to the termination of worker processes. This...

Tenable Nessus•added 2026/03/24 12:0 a.m.•2 views

Exploits0References80

Linux Distros Unpatched Vulnerability : CVE-2026-27651

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When the ngxmailauthhttpmodule module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue ma...

OSV•added 2025/12/03 11:44 a.m.•3 views

BIT-NGINX-GATEWAY-2025-53859 NGINX ngx_mail_smtp_module vulnerability

NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...

6.3CVSS6.8AI score0.00034EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-24579

Malicious code in bioql PyPI...

6.3CVSS6.3AI score0.00034EPSS

OSV•added 2025/09/05 12:42 p.m.•2 views

OESA-2025-2136 nginx security update

NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication...

OSV•added 2025/08/29 11:18 a.m.•1 views

OESA-2025-2089 nginx security update

OSV•added 2025/08/29 11:18 a.m.•1 views

OESA-2025-2087 nginx security update

Tenable Nessus•added 2025/08/22 12:0 a.m.•18 views

nginx 0.7.22 < 1.29.1 Information Disclosure

According to its Sever response header, the installed version of nginx is 0.7.22 prior to 1.29.1. It is, therefore, affected by the following issue : - NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SM...

6.3CVSS5.8AI score0.00034EPSS

Exploits0References3

Amazon•added 2025/08/19 12:0 a.m.•1 views

Low: nginx

Issue Overview: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server...