A critical NGINX vulnerability (CVE-2026-42945) disclosed last week is being exploited by attackers, VulnCheck security researcher Patrick Garrity revealed on Saturday. The vulnerability, dubbed NGINX Rift, can be reliably exploited to trigger a denial-of-service condition and can potentially allow for unauthenticated remote code execution, all achievable by sending a specially crafted HTTP request to a vulnerable NGINX instance. What is NGINX? NGINX is the most widely deployed web server and, as such, it’s one of … More →
The post Attackers are exploiting critical NGINX vulnerability (CVE-2026-42945) appeared first on Help Net Security.