CVE-2026-42945 Heap-based Buffer Overflow in #nginx combined with the linux kernel LPEs is "not great" as we say in the industry.

harrysintonen@infosec.exchange

CVE-2026-42945 Heap-based Buffer Overflow in #nginx combined with the linux kernel LPEs is "not great" as we say in the industry.

NGINX Rift

An 18 year old memory corruption flaw in NGINX Plus and NGINX Open Source lets an unauthenticated attacker crash worker processes or execute remote code with crafted HTTP requests.

(depthfirst.com)

#CVE_2026_42945