Black & White Path
May 16, 2026 · Information Security
A 18‑Year‑Old Nginx RCE Flaw Finally Exposed (CVE‑2026‑42945)
Depthfirst’s AI tool Rift uncovered a critical heap‑buffer‑overflow vulnerability (CVE‑2026‑42945) in Nginx’s ngx_http_rewrite_module that has been present for 18 years, allowing unauthenticated attackers to trigger denial‑of‑service or potential remote code execution, affecting versions 0.6.27‑1.30.0 and fixed in 1.30.1/1.31.0.
AI-assisted Vulnerability DiscoveryCVE-2026-42945Heap Buffer Overflow
0 likes · 5 min read