Tag
critical
advisory
Multiple Vulnerabilities in NGINX and NGINX Plus
2 rules 1 TTPMultiple vulnerabilities in NGINX Plus and NGINX can be exploited by an attacker to perform a denial of service attack, manipulate data, bypass security measures, and potentially execute arbitrary program code, leading to significant impact.
nginx
vulnerability
denial-of-service
code-execution
webserver
linux
2r
1t
high
advisory
NGINX ngx_mail_auth_http_module Denial-of-Service Vulnerability (CVE-2026-27651)
2 rules 2 TTPs 1 IOCNGINX Plus and NGINX Open Source are vulnerable to a denial-of-service condition (CVE-2026-27651) when the ngx_mail_auth_http_module is enabled, CRAM-MD5 or APOP authentication is used, and the authentication server permits retry via the Auth-Wait response header, leading to worker process termination.
nginx
denial-of-service
mail proxy
cve-2026-27651
2r
2t
1i