nginx-ui
-
Researchers find HTTP/2 flaw that can trigger rapid denial of service on major servers
Researchers say a new HTTP/2 denial-of-service flaw can hit major web servers, including NGINX, Apache HTTPD and Microsoft IIS. The issue can rapidly exhaust memory and may be difficult to block in default configurations.
-
NGINX flaw exploited in the wild days after disclosure, VulnCheck says
VulnCheck says CVE-2026-42945 is being exploited in the wild in NGINX Plus and NGINX Open days after disclosure. The report also cites active exploitation of critical openDCIM flaws that can be chained toward remote code execution.
-
NGINX flaw left hidden for 18 years could allow remote code execution
A critical NGINX rewrite module flaw hidden for 18 years can let a remote attacker trigger code execution or denial of service with crafted requests, according to a technical analysis and vendor advisory.
-
Critical nginx-ui flaw under active exploitation, researchers say
A critical nginx-ui flaw tracked as CVE-2026-33032 is under active exploitation, with researchers warning that attackers can take over Nginx service on exposed systems in just two requests.
