Skip to content
The Nexus
DossierENTITY

NGINX Open

Coverage of NGINX Open in the Nexus archive.

Earliest in view: May 14 · 06:00 UTCMost recent: May 17 · 11:57 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYMay 17 · 11:57 UTCTHE HACKER NEWS
    NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE

    A security flaw in NGINX Plus and NGINX Open is being actively exploited, causing worker crashes and possible remote code execution. The vulnerability, tracked as CVE-2026-42945, has a CVSS score of 9.2 and affects NGINX versions 0.6.27 through 1.30.0. The exploitation was reported by VulnCheck and depthfirst.

  • SECURITYMay 14 · 06:00 UTCTHE HACKER NEWS
    18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE

    Cybersecurity researchers discovered multiple security vulnerabilities in NGINX Plus and NGINX Open, including a critical 18-year-old flaw that allows unauthenticated remote code execution. The vulnerability is a heap buffer overflow issue impacting ngx_http_rewrite_module with a CVSS v4 score of 9.2. This flaw could enable attackers to achieve remote code execution or cause crashes.

NGINX Open · Dossier · The Nexus