https://feed.craftedsignal.io/tags/mail-proxy/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioTue, 24 Mar 2026 15:16:32 +0000https://feed.craftedsignal.io/briefs/2026-03-nginx-dos/Tue, 24 Mar 2026 15:16:32 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-nginx-dos/NGINX Plus and NGINX Open Source are vulnerable to a denial-of-service condition (CVE-2026-27651) when the ngx_mail_auth_http_module is enabled, CRAM-MD5 or APOP authentication is used, and the authentication server permits retry via the Auth-Wait response header, leading to worker process termination.CVE-2026-27651 is a denial-of-service vulnerability affecting NGINX Plus and NGINX Open Source. The vulnerability occurs when the ngx_mail_auth_http_module module is enabled, and the server is configured to use CRAM-MD5 or APOP authentication. An attacker can exploit this by sending undisclosed requests that cause worker processes to terminate, leading to a denial-of-service condition. The vulnerability is triggered when the authentication server permits retry by returning the Auth-Wait…

]]>highadvisorynginxdenial-of-servicemail proxycve-2026-27651