Attackers are exploiting critical NGINX vulnerability (CVE-2026-42945)

Help Net Security
Actively Exploited
Sources: The Hacker News, Help Net Security

Overview

A serious vulnerability in NGINX, identified as CVE-2026-42945 and nicknamed NGINX Rift, is currently being exploited by attackers. Disclosed last week, this flaw allows attackers to send specially crafted HTTP requests to vulnerable NGINX servers, potentially leading to denial-of-service conditions and even unauthenticated remote code execution. NGINX is the most widely used web server, meaning a large number of websites and applications could be at risk. Security researcher Patrick Garrity highlighted the urgency of addressing this vulnerability as it poses significant risks to web services that rely on NGINX. It's crucial for administrators to take immediate action to protect their systems from these exploits.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: NGINX servers (specific versions not detailed)
  • Action Required: Update NGINX to the latest version as soon as patches are available.
  • Timeline: Disclosed on [date]

Original Article Summary

A critical NGINX vulnerability (CVE-2026-42945) disclosed last week is being exploited by attackers, VulnCheck security researcher Patrick Garrity revealed on Saturday. The vulnerability, dubbed NGINX Rift, can be reliably exploited to trigger a denial-of-service condition and can potentially allow for unauthenticated remote code execution, all achievable by sending a specially crafted HTTP request to a vulnerable NGINX instance.

What is NGINX?

NGINX is the most widely deployed web server and, as such, it’s one of …

Impact

NGINX servers (specific versions not detailed)

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Disclosed on [date]

Remediation

Update NGINX to the latest version as soon as patches are available. Implement network-level protections to filter malicious requests and monitor server logs for unusual activity.
