Overview
Description
Statistics
- 22 Posts
- 157 Interactions
Fediverse
#NGINX: An 18-year-old RCE vulnerability CVE-2026-42945 in the rewrite module enables server takeover. Update to NGINX 1.31.0 or 1.30.1 immediately!
👇
https://thehackernews.com/2026/05/18-year-old-nginx-rewrite-module-flaw.html
CVE-2026-42945 - Nginx (otherwise branded Nginx Rift)
It relies on a specific Nginx config to be vulnerable, and for attacker to know or discover the config to exploit it. To reach RCE, also ASLR needs to have been disabled on the box.
The PoC they've built specifically disabled ASLR, deploys a specifically vulnerable config and the exploit knows about the vulnerable config endpoint.
Une faille vieille de 18 ans dans Nginx, un PoC public, beaucoup de bruit… mais qui est vraiment concerné ?
The EasyEngine tutorial, StackPointer, WPMU DEV, Stack Overflow, and the WordPress.org forums all reference this same pattern.
This can easily be chained with one (or both) of two recent and trivial-to-exploit local privilege escalation Linux vulns.
In the words of @krypt3ia :
we doomed.
HOWEVER: I threw together a small Bash script that tries to detect whether a given conf file or directory of nginx configs has vulnerable directives. You can find it at:
⚠️ NGINX `rewrite` vulnerability
Using unnamed regex captures (`$1`, `$2`) with `?` in replacement strings plus `rewrite`/`if`/`set` can be triggered **without auth**.
Systems with ASLR disabled are at risk of remote code execution. Patch immediately!
https://my.f5.com/manage/s/article/K000161019
Regarding CVE-2026-42945 in nginx - no modern (or even old) Linux distribution runs nginx without ASLR.
The way the PoC exploit works is they spawn nginx like this:
> exec setarch x86_64 -R /nginx-src/build/nginx -p /app -c /app/nginx.conf
Setarch -R disables ASLR. I've had a look through Github and I can't find any other software which actually does this for nginx either.
So, cool, sweet technical vuln - it's valid - but the RCE apocalypse ain't coming.
⚡ An 18-year-old flaw in NGINX can let unauthenticated attackers run code or crash servers using crafted HTTP requests.
Tracked as CVE-2026-42945 and named NGINX Rift, the bug affects NGINX Plus and Open Source.
Patch details and mitigation steps: https://thehackernews.com/2026/05/18-year-old-nginx-rewrite-module-flaw.html
@me @krypt3ia fixed and also here: https://git.sr.ht/~hrbrmstr/cve-2026-42945-scanner
NGINX Rift allows an unauthenticated attacker to crash a worker process, or potentially achieve remote code execution on hosts with ASLR disabled, by sending a single crafted HTTP request.
Help us test our patched nginx package: https://almalinux.org/blog/2026-05-13-nginx-rift-cve-2026-42945/
🚨 Nouvelle faille critique sur NGINX : CVE-2026-42945 (Z)
Une vulnérabilité dans ngx_http_rewrite_module peut provoquer un crash des workers NGINX, voire une exécution de code si l’ASLR est désactivé.
👉 https://security-tracker.debian.org/tracker/CVE-2026-42945
Have y'all heard of any vendors discussing impact / no impact to CVE-2026-42945 ( the sev:CRIT NGINX RCE )? I see it running on a lot of appliances and enterprise services but don't have access to the NGINX configs to see the rewrite rules, or if ASLR is enabled.
GitHub - DepthFirstDisclosures/Nginx-Rift: exploit for CVE-2026-42945 · GitHub
https://github.com/DepthFirstDisclosures/Nginx-Rift
That's bad... let's hope we don't use that
I don't wanna ruin your Friday, but nginx has a serious CVE with a rating of 9.2, and you should patch or mitigate it asap.
The CVE is an unauthenticated http request that can lead to a deterministic buffer overflow and remote code execution.
Bluesky
Overview
Description
Statistics
- 13 Posts
- 1 Interaction
Fediverse
Una nuova falla di Fragnesia su Linux consente agli attaccanti di ottenere privilegi di root
Le distribuzioni Linux stanno rilasciando patch per una nuova vulnerabilità di escalation dei privilegi del kernel di alta gravità (nota come Fragnesia e tracciata come CVE-2026-46300) che permette agli attaccanti di eseguire codice dannoso come root
Jour férié en fin de semaine en France, jour de #LPE (exploit Linux accessible aux utilisateurs) :
https://security-tracker.debian.org/tracker/CVE-2026-46300
😠
Fragnesia: New Linux kernel LPE bug was spawned by Dirty Frag patch (CVE-2026-46300) - Help Net Security
https://www.helpnetsecurity.com/2026/05/14/fragnesia-cve-2026-46300-linux-lpe-vulnerability/
Read on HackerWorkspace: https://hackerworkspace.com/article/fragnesia-new-linux-kernel-lpe-bug-was-spawned-by-dirty-frag-patch-cve-2026-46300-help-net-security
Beep!
sudo sh -c "printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/fragnesia.conf; rmmod esp4 esp6 rxrpc 2>/dev/null; true"
https://tuxcare.com/blog/fragnesia-cve-2026-46300-is-a-new-linux-kernel-lpe/
Oh and while we are here, Linux fans, please tell me you have updated your machine for "Fragnesia (CVE-2026-46300)", right… right!?
Linux distributions are alerting users to a newly disclosed kernel vulnerability that could allow local attackers to escalate privileges to root.
The flaw, dubbed Fragnesia and tracked as CVE-2026-46300, enables unprivileged users to obtain root access by overwriting critical system files.
Most Linux distributions are impacted, and vendors have begun rolling out security patches.
Bluesky
Overview
Description
Statistics
- 15 Posts
- 10 Interactions
Fediverse
Why are we even bothering, again, if the "giants" of cyber aren't bothering? https://www.rapid7.com/blog/post/ve-cve-2026-20182-critical-authentication-bypass-cisco-catalyst-sd-wan-controller-fixed/
Bluesky
Overview
- Microsoft
- Microsoft Exchange Server 2016 Cumulative Update 23
Description
Statistics
- 9 Posts
- 4 Interactions
Fediverse
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42897
EITW XSS (via email!) in Exchange/OWA? 👀
Bluesky
Overview
- MervinPraison
- PraisonAI
Description
Statistics
- 4 Posts
- 1 Interaction
Fediverse
📰 PraisonAI Auth Bypass (CVE-2026-44338) Exploited Within Four Hours of Disclosure
The disclosure-to-exploit window has collapsed. ⏱️ A critical auth bypass in PraisonAI (CVE-2026-44338) was exploited by automated scanners in under 4 hours. A stark reminder to patch immediately. #CyberSecurity #Vulnerability #Automation #AI
Bluesky
Overview
Description
Statistics
- 3 Posts
- 6 Interactions
Fediverse
"CVE-2026-45793: Anatomy of a 14-Hour PHP Supply-Chain Near-Miss"
https://github.com/graycoreio/github-actions-magento2/discussions/261
Bluesky
Overview
- Microsoft
- Windows 11 version 22H3
Description
Statistics
- 3 Posts
Fediverse
CVE-2026-41096 普通に刺さりそうで怖いな
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41096
📰 Microsoft's May Patch Tuesday: 137 Flaws Fixed, Including Critical Netlogon RCE
Microsoft's May Patch Tuesday is huge: 137 vulnerabilities fixed, 30 critical. No zero-days for the first time in 22 months! 🚨 Key patches for critical RCEs in Netlogon (CVE-2026-41089) and DNS Client (CVE-2026-41096). Patch now! ✅ #PatchTuesday
Bluesky
Overview
- Fortinet
- FortiSandbox Cloud
Description
Statistics
- 2 Posts
- 5 Interactions
Fediverse
CVE-2026-26083: Critical Fortinet FortiSandbox Flaw Allows Unauthenticated Remote Code Execution — Patch Now
#CyberSecurity
https://securebulletin.com/cve-2026-26083-critical-fortinet-fortisandbox-flaw-allows-unauthenticated-remote-code-execution-patch-now/
Overview
- burstbv
- Burst Statistics – Privacy-Friendly WordPress Analytics (Google Analytics Alternative)
Description
Statistics
- 2 Posts
Fediverse
🔴 CVE-2026-8181: Burst Statistics WP plugin (v3.4.0 – 3.4.1.1) suffers CRITICAL auth bypass. Attackers can impersonate admins using any password — immediate removal advised until a fix is released. Details: https://radar.offseq.com/threat/cve-2026-8181-cwe-287-improper-authentication-in-b-c577a44d #OffSeq #WordPress #Vuln
Overview
- Microsoft
- Microsoft 365 Apps for Enterprise
Description
Statistics
- 2 Posts