CVE-2026-42223 | 0xJacky nginx-ui up to 2.3.7 GetSettings API api/settings/settings.go information disclosure

May 4, 2026 Yanac

A vulnerability was found in 0xJacky nginx-ui up to 2.3.7. It has been declared as problematic. Affected is an unknown function of the file api/settings/settings.go of the component GetSettings API Handler. Such manipulation leads to information disclosure.

This vulnerability is uniquely identified as CVE-2026-42223. The attack can be launched remotely. No exploit exists.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More