tldrdailynews.com logo
Tag

Nginx

All articles tagged with #nginx

AI-Generated Reports, GitHub Chaos, and Linux Vulnerabilities This Week
security3 days ago

AI-Generated Reports, GitHub Chaos, and Linux Vulnerabilities This Week

This week highlights AI’s role in security reporting amid a flood of Linux flaws: Google’s Project Zero exposed a zero-click Pixel 10 exploit chained from a Dolby decoder memory flaw to kernel memory (patched in Feb 2026, 71 days after disclosure); Linus Torvalds praises AI tools but urges verification and fixes for AI-generated bug reports; GitHub discusses AI-generated reports in bug bounties and reports a breach via a compromised VSCode extension; Linux moves to remove zero-copy AF_ALG to curb CopyFail risks; new bugs raise root/DoS/RCE concerns (pid-fd/ssh-keysign-pwn, RDS-pintheft, nginx-rift/nginx-poolslip); Google discloses a Chromium botnet risk tied to JavaScript service workers with patch timing unclear; and a CISA credential leak in a public GitHub repo underscores ongoing access-risk from exposed tokens.

via Hackaday|
#ai#github#linux
Active NGINX flaw CVE-2026-42945 exploited in the wild, enabling RCE when ASLR is disabled
technology7 days ago

Active NGINX flaw CVE-2026-42945 exploited in the wild, enabling RCE when ASLR is disabled

Security researchers report active exploitation of NGINX CVE-2026-42945—a heap overflow in ngx_http_rewrite_module affecting NGINX Plus/Open versions 0.6.27–1.30.0—that can crash worker processes or, if ASLR is disabled, allow unauthenticated remote code execution; exploitation requires a specific config and attacker knowledge, with F5 fixes urged for defense. VulnCheck also notes exploitation of openDCIM flaws (CVE-2026-28515/28517/28516) that can be chained to remote code execution, with observed activity from a Chinese IP using a Vulnhuntr-based tool to drop a PHP web shell.

via The Hacker News|
#aslr#cve-2026-42945#heap-buffer-overflow
Millions at Risk as NGINX Zero-Day RCE Flaw Sees Real-World Exploitation
cybersecurity7 days ago

Millions at Risk as NGINX Zero-Day RCE Flaw Sees Real-World Exploitation

Security researchers say CVE-2026-42945, a heap buffer overflow in NGINX Open Source and NGINX Plus, is being actively exploited in the wild. The flaw can crash NGINX worker processes via crafted requests, with remote code execution possible only if ASLR is disabled and a specific rewrite configuration is present; despite ASLR generally enabled, estimates show up to 5.7 million internet-facing servers may be affected. Organizations should patch promptly, ensure ASLR remains enabled, and audit rewrite rules to mitigate risk while threat actors rapidly scan for vulnerable systems.

via CyberSecurityNews|
#cve-2026-42945#cybersecurity#exploitation
18-Year-Old NGINX Flaw Triggers Unauthenticated Remote Code Execution
cyber-security11 days ago

18-Year-Old NGINX Flaw Triggers Unauthenticated Remote Code Execution

A severe heap-buffer-overflow bug in NGINX’s ngx_http_rewrite_module (CVE-2026-42945, CVSS 9.2) allows unauthenticated remote code execution when rewrite and set directives are used together, affecting NGINX Open Source 0.6.27–1.30.0 and several F5/NGINX products; a working PoC is public. Patch guidance includes upgrading to NGINX 1.30.1 or 1.31.0 and auditing configurations that combine rewrite+set directives, with a recommendation to add a WAFlayer until patching is complete. Additional related CVEs include CVE-2026-42946 (high severity, memory corruption), CVE-2026-40701 (medium, use-after-free), and CVE-2026-42934 (medium, out-of-bounds read).

via CyberSecurityNews|
#cve-2026-42945#cyber-security#heap-buffer-overflow
18-year-old NGINX flaw raises DoS risk and possible RCE in certain configs
security11 days ago

18-year-old NGINX flaw raises DoS risk and possible RCE in certain configs

An 18-year-old heap buffer overflow in NGINX's rewrite_module (CVE-2026-42945) can cause denial of service and, under specific rewrite configurations, unauthenticated remote code execution. Patches are available in NGINX Open Source 1.31.0 and 1.30.1 and related F5 products; real-world exploitability is debated, but the DoS risk makes patching or applying mitigations urgent, especially where ASLR is disabled to enable RCE in PoC tests.

via BleepingComputer|
#cve-2026-42945#dos#nginx
NGINX Rewrite Module Flaw Allows Unauthenticated Remote Code Execution (CVE-2026-42945)
security12 days ago

NGINX Rewrite Module Flaw Allows Unauthenticated Remote Code Execution (CVE-2026-42945)

Security researchers disclosed a critical, unauthenticated heap-buffer-overflow in NGINX's ngx_http_rewrite_module (CVE-2026-42945) that can enable remote code execution or DoS by sending a crafted URI; the flaw, which remained undetected for 18 years, affects NGINX Plus and Open Source and is more dangerous on systems with ASLR disabled. Patches are available across multiple products (NGINX Plus R32–R36, Open Source 1.30.1–1.31.0, among others), along with fixes for CVE-2026-42946, CVE-2026-40701, and CVE-2026-42934. Administrators should upgrade to the latest versions or, if patching isn’t feasible, modify rewrite directives to use named captures to mitigate exposure.

via The Hacker News|
#cve-2026-42945#heap-buffer-overflow#nginx
Active Exploit Targets Nginx UI Flaw, Enables Full Server Takeover
security1 month ago

Active Exploit Targets Nginx UI Flaw, Enables Full Server Takeover

A critical vulnerability in Nginx UI with MCP support (CVE-2026-33032) leaves the /mcp_message endpoint unauthenticated, allowing attackers to invoke privileged MCP actions, modify or reload nginx configuration, and take over the server. Exploitation is active in the wild; patches were released (2.3.4, followed by 2.3.6 as the latest) and thousands of exposed instances have been identified, so admins should update immediately.

via BleepingComputer|
#cve-2026-33032#exploitation#nginx