Critical Nginx UI auth bypass flaw now actively exploited in the wild

News Companies Events

Statistics About NLC Contact us

News Companies Events

Critical Nginx UI auth bypass flaw now actively exploited in the wild

Image for the article: Critical Nginx UI auth bypass flaw now actively exploited in the wild

Critical Nginx UI auth bypass flaw now actively exploited in the wild

Wed Apr 15 2026

Vulnerability

www.bleepingcomputer.com

A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full server takeover without authentication. [...]