> TritonInfoSec News
Home / May 19, 2026 / Story
0
#6 SecurityWeek general May 18, 2026 at 07:27 UTC

Exploitation of Critical NGINX Vulnerability Begins

By Ionut Arghire

AI Summary

Active exploitation has begun against a critical NGINX vulnerability that causes denial-of-service on default configurations and enables remote code execution when ASLR is disabled. The flaw affects a widely deployed web server and reverse proxy, making rapid patching essential for internet-facing infrastructure. Security teams running NGINX should apply vendor patches immediately and verify ASLR is enabled as a compensating control.

Read full article → https://www.securityweek.com/exploitation-of-criti…

Relevance score: 84.0/100

# More from May 19

  1. 1
    CISA Admin Leaked AWS GovCloud Keys on Github Krebs on Security
  2. 2
    Microsoft Exchange Zero-Day Under Attack, No Patch Available Dark Reading
  3. 3
    Grafana Confirms Breach After Hackers Claim They Stole Data SecurityWeek
  4. 4
    MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems The Hacker News
  5. 5
    Zero-Day Exploit Against Windows BitLocker Schneier on Security
  6. 7
    Hackers earn $1,298,250 for 47 zero-days at Pwn2Own Berlin 2026 BleepingComputer
  7. 8
    Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws The Hacker News
  8. 9
    Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware The Hacker News
  9. 10
    7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand SecurityWeek