Cybersecurity researchers are warning that attackers have already started exploiting a newly disclosed NGINX vulnerability, tracked as CVE-2026-42945, just days after technical details and proof-of-concept code became public. The flaw, also referred to as NGINX Rift, affects millions of potentially exposed servers and has raised concerns across the security community due to its potential impact on core internet infrastructure. 

Security researcher Patrick Garrity of VulnCheck revealed on Saturday that exploitation attempts targeting CVE-2026-42945 were detected shortly after disclosure. The vulnerability was publicly announced the previous week and is considered critical because it can be...