Active Exploit Targets Nginx UI Flaw, Enables Full Server Takeover
A critical vulnerability in Nginx UI with MCP support (CVE-2026-33032) leaves the /mcp_message endpoint unauthenticated, allowing attackers to invoke privileged MCP actions, modify or reload nginx configuration, and take over the server. Exploitation is active in the wild; patches were released (2.3.4, followed by 2.3.6 as the latest) and thousands of exposed instances have been identified, so admins should update immediately.