Threat Feed

Tag

Nginx

7 briefs
critical advisory

Nginx Vulnerability Leading to Remote Code Execution and Denial of Service

A vulnerability in Nginx allows a remote attacker to execute arbitrary code and cause a denial-of-service condition, affecting Nginx Open Source versions 1.x before 1.30.2, versions after 1.31.0 before 1.31.1, Nginx Plus versions 37.x before 37.0.1.1, and versions Rx before R36 P5 or R32 P7.

NGINX Open Source +1 nginx rce dos CVE-2026-9256 webserver
high threat

NGINX Open Source and NGINX Plus Vulnerability Allows Denial of Service and Potential Code Execution

A remote, anonymous attacker can exploit a vulnerability in NGINX Open Source and NGINX Plus to perform a denial-of-service attack and potentially execute arbitrary code.

NGINX Open Source +1 nginx denial-of-service code-execution
high advisory

NGINX JavaScript Heap Buffer Overflow Vulnerability (CVE-2026-8711)

NGINX JavaScript is vulnerable to a heap buffer overflow (CVE-2026-8711) when the js_fetch_proxy directive is configured with client-controlled variables and ngx.fetch(), allowing unauthenticated attackers to cause worker process restarts or, with ASLR disabled, code execution via crafted HTTP requests.

NGINX JavaScript cve heap-buffer-overflow nginx
critical advisory

Multiple Vulnerabilities in NGINX Open Source and NGINX Plus

Multiple vulnerabilities in NGINX Open Source and NGINX Plus allow a remote, anonymous attacker to bypass security measures, execute arbitrary code, manipulate data, disclose confidential information, or cause a denial-of-service condition.

nginx open source +1 nginx vulnerability webserver
high threat

CVE-2026-42945: NGINX ngx_http_rewrite_module Heap Buffer Overflow

NGINX Plus and NGINX Open Source are vulnerable to a heap buffer overflow (CVE-2026-42945) due to crafted HTTP requests when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed PCRE capture with a replacement string that includes a question mark, potentially leading to denial of service or code execution.

NGINX Plus +1 cve CVE-2026-42945 nginx heap overflow denial of service webserver
critical advisory

Multiple Vulnerabilities in NGINX and NGINX Plus

Multiple vulnerabilities in NGINX Plus and NGINX can be exploited by an attacker to perform a denial of service attack, manipulate data, bypass security measures, and potentially execute arbitrary program code, leading to significant impact.

nginx vulnerability denial-of-service code-execution webserver linux
high advisory

NGINX ngx_mail_auth_http_module Denial-of-Service Vulnerability (CVE-2026-27651)

NGINX Plus and NGINX Open Source are vulnerable to a denial-of-service condition (CVE-2026-27651) when the ngx_mail_auth_http_module is enabled, CRAM-MD5 or APOP authentication is used, and the authentication server permits retry via the Auth-Wait response header, leading to worker process termination.

nginx denial-of-service mail proxy cve-2026-27651