NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE
Ravie Lakshmanan | May 17, 2026 | Server Security / Vulnerability
What’s new: A critical vulnerability in NGINX, tracked as CVE-2026-42945, has been actively exploited in the wild. This heap buffer overflow affects NGINX versions 0.6.27 through 1.30.0 and can lead to worker crashes or potential remote code execution (RCE) if Address Space Layout Randomization (ASLR) is disabled. The flaw was introduced in 2008 and has a CVSS score of 9.2. Exploitation attempts have been detected, prompting urgent action from users.
Who’s affected
Users of NGINX Plus and NGINX Open versions 0.6.27 through 1.30.0 are at risk, particularly those with specific configurations that disable ASLR.
What to do
- Apply the latest security patches from F5 to mitigate the vulnerability.
- Ensure ASLR is enabled on all systems running NGINX to reduce the risk of RCE.
- Review NGINX configurations to identify any that may be vulnerable to exploitation.
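
The version and ASLR checks from the list above can be scripted for fleet triage. The following is an added example, not code from F5 or the article; it assumes Linux hosts, the usual `nginx -v` output format (`nginx version: nginx/X.Y.Z`), and hypothetical function names, and it runs on constructed sample inputs.

```shell
#!/bin/sh
# Added triage helper (not from F5 or the article). The affected range
# 0.6.27 through 1.30.0 is the one the article states, treated as inclusive.
AFFECTED_MIN="0.6.27"
AFFECTED_MAX="1.30.0"

# Pull "X.Y.Z" out of `nginx -v` output such as "nginx version: nginx/1.24.0".
parse_nginx_version() {
    printf '%s\n' "$1" |
        sed -n 's#.*nginx/\([0-9]\{1,\}\.[0-9]\{1,\}\.[0-9]\{1,\}\).*#\1#p' | head -n 1
}

# version_le A B: succeed when A <= B, comparing each field numerically
# (a plain string compare would rank 0.10.0 below 0.6.27).
version_le() {
    old_ifs=$IFS; IFS=.
    set -- $1 $2            # splits both versions into six positional fields
    IFS=$old_ifs
    if [ "$1" -ne "$4" ]; then [ "$1" -lt "$4" ]; return; fi
    if [ "$2" -ne "$5" ]; then [ "$2" -lt "$5" ]; return; fi
    [ "$3" -le "$6" ]
}

in_affected_range() {
    version_le "$AFFECTED_MIN" "$1" && version_le "$1" "$AFFECTED_MAX"
}

# Map the Linux sysctl kernel.randomize_va_space value to a label (0 = off).
aslr_state() {
    case "$1" in
        0) echo disabled ;; 1) echo partial ;;
        2) echo full ;;     *) echo unknown ;;
    esac
}

# triage NGINX_V_OUTPUT ASLR_VALUE: print a one-line verdict for a host.
triage() {
    ver=$(parse_nginx_version "$1")
    [ -n "$ver" ] || { echo "unknown-version"; return 0; }
    if ! in_affected_range "$ver"; then echo "outside-range $ver"; return 0; fi
    echo "affected $ver aslr=$(aslr_state "$2")"
}

# Constructed sample inputs. On a real host pass "$(nginx -v 2>&1)" and
# "$(cat /proc/sys/kernel/randomize_va_space)" instead.
triage "nginx version: nginx/1.24.0" 2
triage "nginx version: nginx/1.30.0" 0
triage "nginx version: nginx/0.6.26" 2
```

A version inside the range is a prompt to check the vendor advisory, since distribution packages can carry backported fixes without changing the reported version string.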



