CVE-2026-42222 | 0xJacky nginx-ui 2.3.5 /api/install missing authentication

May 4, 2026 Yanac

A vulnerability, which was classified as critical, was found in 0xJacky nginx-ui 2.3.5. The affected element is an unknown function of the file /api/install. Executing a manipulation can lead to missing authentication.

This vulnerability appears as CVE-2026-42222. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More

CVE-2026-42085 | OpenC3 cosmos up to 6.10.4/7.0.0-rc2 Configuration File /plugins save_tool_config path traversal (GHSA-4jvx-93h3-f45h)
CVE-2026-42220 | 0xJacky nginx-ui up to 2.3.7 /api/settings AuthRequired information disclosure