nginx patches buffer overflow in rewrite module, CVE-2026-9256
CVE-2026-9256: buffer overflow in the nginx rewrite module affects all versions to 1.31.0. Fixed in 1.30.2 stable and 1.31.1 mainline. Apply now.
2 articles tagged #web-server
CVE-2026-9256: buffer overflow in the nginx rewrite module affects all versions to 1.31.0. Fixed in 1.30.2 stable and 1.31.1 mainline. Apply now.
CVE-2026-42945 is a critical heap buffer overflow in NGINX's rewrite module, present since 2008. Unauthenticated remote attackers can crash worker processes or achieve RCE. Patch now.