SecurityWeek

Unpatched ChromaDB Vulnerability Can Lead to Server Takeover

An unpatched vulnerability in ChromaDB could be exploited without authentication for remote code execution and server ...

18-year-old NGINX vulnerability allows DoS, potential RCE

An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for ...

New critical Exim mailer flaw allows remote code execution

A critical vulnerability affecting certain configurations of the Exim open-source mail transfer agent could be exploited by ...
SecurityWeek

Exploitation of Critical NGINX Vulnerability Begins

Threat actors are exploiting CVE-2026-42945, a critical NGINX vulnerability that leads to remote code execution if ASLR is ...
The Hacker News

18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE

NGINX Rift CVE-2026-42945 scores 9.2 after 18 years, enabling unauthenticated RCE or DoS via crafted HTTP requests.
The Hacker News

NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE

A newly disclosed security flaw impacting NGINX Plus and NGINX Open has come under active exploitation in the wild, days ...