The Short Version F5 published advisories on May 13, 2026 for four nginx vulnerabilities, the most serious of which is CVE-2026-42945, a heap buffer overflow in the nginx rewrite module with a CVSS v4 score of 9.2 (Critical). The flaw, branded by its discoverers at depthfirst as NGINX Rift, dates back to nginx versions as early as … Continue reading Nginx Just Patched old Rewrite Module Flaw. RCE Was Possible With a Single HTTP Request.