A newly discovered critical vulnerability in Nginx UI allows unauthenticated attackers to download and decrypt full system backups. Tracked as CVE-2026-27944, this flaw is categorized as CWE-306 and CWE-311, carrying a maximum CVSS score of 9.8. It affects all versions of the Nginx UI before 2.3.2, requiring administrators to apply the security patch by upgrading […] The post Critical Nginx UI Vulnerabilities Allow Attacker to Download a Full System Backup appeared first on Cyber Security News.