The Hacker News

NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE

A newly disclosed security flaw impacting NGINX Plus and NGINX Open has come under active exploitation in the wild, days ...

NGINX Rift attackers waste no time targeting exposed servers

Exploit attempts are already hammering a newly disclosed NGINX bug dubbed "NGINX Rift," proving once again that attackers ...
SecurityWeek

PoC Code Published for Critical NGINX Vulnerability

Depthfirst has published technical details and proof-of-concept (PoC) exploit code targeting a critical NGINX vulnerability.

NGINX: DoS vulnerability is being attacked

Security vulnerabilities exist in NGINX Open Source and NGINX Plus from F5. One is already being exploited and leads to DoS conditions.
Security Boulevard

Three CVEs and the May 2026 Exploit Chain Nobody’s Taking Seriously

May 2026 dropped three critical Linux vulnerabilities on a near-weekly cadence, and the security discourse has mostly treated them as three separate bad days. They’re not. Together they form a ...
CSOonline

AI agent finds 18-year-old remote code execution flaw in Nginx

An LLM-powered system found 4 security bugs, including a critical one in the web server’s URL rewrite module. Researchers have found a critical vulnerability in the widely used Nginx web server that ...
CPO Magazine

AI Unearths Critical Vulnerability Hidden in NGINX Web Servers for 18 Years

A critical vulnerability discovered by AI spans most of the history of NGINX, which was first made available in 2004. The web ...
techzine

Researchers discover 18-year-old vulnerability in NGINX

Researchers have discovered a critical vulnerability in NGINX that allows attackers to remotely execute code on servers running the popular web server. The flaw is believed to have existed since 2008 ...