Summary
F5's NGINX Open Source and NGINX Plus are facing active exploitation of a critical heap buffer overflow (CVE-2026-42945) that allows unauthenticated attackers to cause denial-of-service or remote code execution.
Take Action:
If you're running NGINX Open Source or NGINX Plus, make sure that ASLR is enabled on your system. Then upgrade to a patched version (NGINX Open Source 1.30.1/1.31.0, or NGINX Plus R36 P4/R32 P6) before attackers find your server. If you can't upgrade right away, change any unnamed captures in your rewrite rules (like $1) to named captures (like (?<name>[0-9]+), which is then referenced as $name instead of $1) to block the attack path.
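The interim workaround above, shown as an nginx configuration fragment. This is an added example, not configuration from the BeyondMachines article or from F5; the /item/ path, the /app/show target and the capture name id are assumptions.

```nginx
# Added example: converting an unnamed rewrite capture to a named one.
# Hypothetical site that maps /item/<digits> to an internal handler;
# the paths and the capture name are assumptions, not from the advisory.
server {
    listen 80;
    server_name example.internal;

    location /item/ {
        # Before (the pattern the advisory says to remove while unpatched):
        # an unnamed group referenced through the numbered variable $1.
        #
        #     rewrite ^/item/([0-9]+)$ /app/show?id=$1 last;
        #
        # After: the same rule with a PCRE named group (?<id>...).
        # The match is exposed as $id and no numbered $1 reference remains.
        rewrite ^/item/(?<id>[0-9]+)$ /app/show?id=$id last;
    }
}
```

Validate the edited configuration with `nginx -t` before reloading, and confirm the running build with `nginx -v` against the patched versions listed above once the upgrade is done.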
This article was originally published on BeyondMachines