A critical heap-based buffer overflow vulnerability has been discovered in NGINX Plus and NGINX Open Source, tracked as CVE-2026-9256 and internally designated as F5 ID 161 (NGINX). The flaw, residing in the ngx_http_rewrite_module, can be exploited by unauthenticated remote attackers to crash NGINX worker processes or achieve remote code execution (RCE) under specific conditions. F5 has rated this […]
The post nginx-poolslip Flaw Enables DoS and Remote Code Execution appeared first on Cyber Security News.