CVE-2026-27654 | F5 NGINX Open Source/NGINX Plus DAV Module ngx_http_dav_module heap-based overflow (K000160382)

A vulnerability identified as critical has been detected in F5 NGINX Open Source and NGINX Plus. Affected by this vulnerability is the function ngx_http_dav_module of the component DAV Module. The manipulation leads to heap-based buffer overflow.

This vulnerability is documented as CVE-2026-27654. The attack can be initiated remotely. There is not any exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More