BetaIT-Hub is in early access — your feedback helps us improve. Use the chat or email [email protected]

News Vulnerability
VulnerabilityThe Hacker News·21d ago

18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE

Cybersecurity researchers have disclosed multiple security vulnerabilities impacting NGINX Plus and NGINX Open, including a critical flaw that remained undetected for 18 years. The vulnerability, discovered by depthfirst, is a heap buffer overflow issue impacting ngx_http_rewrite_module (CVE-2026-42945, CVSS v4 score: 9.2) that could allow an attacker to achieve remote code execution or cause a

Sign in to read the full article

Create a free account to access all news, downloads, and community features

Sign inCreate account

Originally published by The Hacker News

Source: https://thehackernews.com/2026/05/18-year-old-nginx-rewrite-module-flaw.html

This article is shared for informational purposes. All rights belong to the original author and publisher. If you are the copyright holder and would like this content removed, please contact us.

Shared on IT-Hub by admin