> TritonInfoSec News
Home / May 18, 2026 / Story
0
#2 The Hacker News general May 17, 2026 at 11:57 UTC

NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE

By [email protected] (The Hacker News)

AI Summary

CVE-2026-42945 (CVSS 9.2), a heap buffer overflow in NGINX's ngx_http_rewrite_module affecting versions 0.6.27 through 1.30.0, is under active exploitation in the wild within days of public disclosure. The flaw impacts both NGINX Plus and Open Source builds and carries potential for remote code execution, making immediate patching critical for the large population of NGINX deployments.

Read full article → https://thehackernews.com/2026/05/nginx-cve-2026-4…

Relevance score: 90.0/100

# More from May 18

  1. 1
    New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released BleepingComputer
  2. 3
    Russian hackers turn Kazuar backdoor into modular P2P botnet BleepingComputer
  3. 4
    Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing BleepingComputer
  4. 5
    Hackers Earn $1.3 Million at Pwn2Own Berlin 2026 SecurityWeek
  5. 6
    Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt The Hacker News
  6. 7
    Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming The Hacker News
  7. 8
    Microsoft rejects critical Azure vulnerability report, no CVE issued BleepingComputer
  8. 9
    Can Laws Stop Deepfakes? South Korea Aims to Find Out Dark Reading
  9. 10
    Why geopolitical turmoil is a gift for scammers, and how to stay safe WeLiveSecurity (ESET)