Experts warn of active exploitation of critical NGINX flaw CVE-2026-42945

Experts warn of active exploitation of critical NGINX flaw CVE-2026-42945

News
Yanac

A critical NGINX flaw (CVE-2026-42945) is actively exploited, allowing crashes or possible code execution via malicious HTTP requests. A critical vulnerability in NGINX Plus and NGINX Open, tracked as CVE-2026-42945 (CVSS v4 score of 9.2), is already being actively exploited shortly after disclosure. “We’re seeing active exploitation of CVE-2026-42945 in F5 NGINX, a heap bufferSecurity AffairsRead More