Nginx on Tuesday released its latest product offering, the Plus R8, which includes an initial release of OAuth 2-based authentication. Nginx CEO Gus Robertson said that many of today's most popular ...
NGINX is critically vulnerable: hackers can crash servers and run remote code with no authentication
A critical, 18-year-old vulnerability in the NGINX web server has been discovered, which allows unauthenticated attackers to ...
NGINX Rift CVE-2026-42945 scores 9.2 after 18 years, enabling unauthenticated RCE or DoS via crafted HTTP requests.
Nginx is upgrading the commercially supported version of its popular Web server, fitting it with new HTTP/2, authentication, and caching capabilities. Nginx Plus Release 8, being unveiled today, backs ...
Morning Overview on MSN
An 18-year-old heap buffer overflow in NGINX gives attackers remote code execution — billions of devices run the affected module
A single rewrite rule, the kind pasted into NGINX configurations thousands of times a day, can hand an unauthenticated ...
A critical vulnerability discovered by AI spans most of the history of NGINX, which was first made available in 2004. The web ...
TL;DR: Researchers recently disclosed CVE-2026-42945, a critical heap-based buffer overflow vulnerability affecting both NGINX Open Source and NGINX Plus. The flaw exists within the ...
May 2026 dropped three critical Linux vulnerabilities on a near-weekly cadence, and the security discourse has mostly treated them as three separate bad days. They’re not. Together they form a ...
Morning Overview on MSN
An 18-year-old flaw in NGINX just gave attackers remote code execution on millions of web servers — nobody noticed for two decades
For roughly 18 years, a chunk of code inside one of the internet’s most popular web servers quietly carried a critical ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results