Vulnerabilities3 min read
NGINX Rift: 18-Year-Old Heap Overflow Enables RCE on Web Servers
CVE-2026-42945 is a critical heap buffer overflow in NGINX's rewrite module that went undetected since 2008. CVSS 9.2 with public PoC available—patch now.
Marcus ChenMay 15, 2026