F5 Nginx Vulnerabilities

Remote Code Execution Vulnerability in NGINX Gateway Fabric by F5 Networks

CVE-2026-32682

F5Nginx Gateway Fabric7.1HIGH

Injection Vulnerability in NGINX Gateway Fabric Affecting NGINX Plus and Open Source

CVE-2026-50107

F5Nginx Gateway Fabric8.6HIGH

Injection Vulnerability in NGINX Plus Configuration by F5 Networks

CVE-2026-11311

F5Nginx Gateway Fabric8.6HIGH

Heap Buffer Over-read in NGINX Plus and Open Source Due to Charset Misconfiguration

CVE-2026-48142

F5Nginx Open Source6.3MEDIUM

Heap-Based Buffer Overflow in NGINX Plus and Open Source Web Server

CVE-2026-42055

F5Nginx Open Source📈👾🟡📰9.2CRITICAL

Vulnerability in NGINX Open Source's HTTP/3 Module

CVE-2026-42530

F5Nginx Open Source🥇📈👾🟡📰9.2CRITICAL

Heap Buffer Overflow in NGINX Plus and Open Source due to Regex Patterns

CVE-2026-9256

F5Nginx Plus👾🟡9.2CRITICAL

Heap Buffer Overflow in NGINX JavaScript due to Improper Configuration

CVE-2026-8711

F5Nginx Javascript9.2CRITICAL

HTTP/2 Traffic Injection Vulnerability in NGINX Open Source by F5 Networks

CVE-2026-42926

F5Nginx Open Source👾🟡6.3MEDIUM

Source IP Spoofing Vulnerability in NGINX Plus and NGINX Open Source

CVE-2026-40460

F5Nginx Plus6.9MEDIUM

Memory Allocation Vulnerability in NGINX Modules by F5 Networks

CVE-2026-42946

F5Nginx Plus8.3HIGH

Heap Buffer Over-read Vulnerability in NGINX Plus and NGINX Open Source

CVE-2026-42934

F5Nginx Plus6.3MEDIUM

Heap Buffer Overflow in NGINX Plus and NGINX Open Source Affecting ngx_http_rewrite_module

CVE-2026-42945

F5Nginx Plus🥇📈👾🟡EPSS 61%📰9.2CRITICAL

Heap-Use-After-Free Vulnerability in NGINX Products

CVE-2026-40701

F5Nginx Plus👾🟡6.3MEDIUM

Worker Process Termination Vulnerability in NGINX Plus and Open Source

CVE-2026-27651

F5Nginx Open Source8.7HIGH

Buffer Overflow Vulnerability in NGINX Open Source and NGINX Plus

CVE-2026-27654

F5Nginx Open Source📈👾🟡8.8HIGH

Certificate Revocation Vulnerability in NGINX Plus and Open Source

CVE-2026-28755

F5Nginx Open Source5.3MEDIUM

Improper Header Handling in NGINX Plus and NGINX Open Source SMTP Module

CVE-2026-28753

F5Nginx Open Source6.3MEDIUM

Buffer Manipulation Vulnerability in NGINX Open Source and NGINX Plus

CVE-2026-32647

F5Nginx Open Source8.5HIGH

Memory Manipulation Vulnerability in NGINX Open Source by F5 Networks

CVE-2026-27784

F5Nginx Open Source8.5HIGH

Man-in-the-Middle Vulnerability in NGINX Proxying TLS Servers

CVE-2026-1642

F5Nginx Open Source8.2HIGH

NGINX Ingress Controller Vulnerability in Annotation Validation

CVE-2025-14727

F5Nginx Ingress Controller8.7HIGH

Server-Side Request Forgery Issue in F5 BIG-IP Advanced WAF Product

CVE-2025-58474

F5Big-ip6.9MEDIUM

NGINX Open Source and NGINX Plus Vulnerability in SMTP Module

CVE-2025-53859

F5Nginx Plus6.3MEDIUM

Denial-of-Service Vulnerability in NGINX Unit with Java Language Module

CVE-2025-1695

F5Nginx Unit6.9MEDIUM

F5 Nginx Vulnerabilities

Vulnerability Published:

Sort By:

17 June 2026

Remote Code Execution Vulnerability in NGINX Gateway Fabric by F5 Networks

Injection Vulnerability in NGINX Gateway Fabric Affecting NGINX Plus and Open Source

Injection Vulnerability in NGINX Plus Configuration by F5 Networks

Heap Buffer Over-read in NGINX Plus and Open Source Due to Charset Misconfiguration

Heap-Based Buffer Overflow in NGINX Plus and Open Source Web Server

Vulnerability in NGINX Open Source's HTTP/3 Module

22 May 2026

Heap Buffer Overflow in NGINX Plus and Open Source due to Regex Patterns

19 May 2026

Heap Buffer Overflow in NGINX JavaScript due to Improper Configuration

13 May 2026

HTTP/2 Traffic Injection Vulnerability in NGINX Open Source by F5 Networks

Source IP Spoofing Vulnerability in NGINX Plus and NGINX Open Source

Memory Allocation Vulnerability in NGINX Modules by F5 Networks

Heap Buffer Over-read Vulnerability in NGINX Plus and NGINX Open Source

Heap Buffer Overflow in NGINX Plus and NGINX Open Source Affecting ngx_http_rewrite_module

Heap-Use-After-Free Vulnerability in NGINX Products

24 March 2026

Worker Process Termination Vulnerability in NGINX Plus and Open Source

Buffer Overflow Vulnerability in NGINX Open Source and NGINX Plus

Certificate Revocation Vulnerability in NGINX Plus and Open Source

Improper Header Handling in NGINX Plus and NGINX Open Source SMTP Module

Buffer Manipulation Vulnerability in NGINX Open Source and NGINX Plus

Memory Manipulation Vulnerability in NGINX Open Source by F5 Networks

4 February 2026

Man-in-the-Middle Vulnerability in NGINX Proxying TLS Servers

17 December 2025

NGINX Ingress Controller Vulnerability in Annotation Validation

15 October 2025

Server-Side Request Forgery Issue in F5 BIG-IP Advanced WAF Product

13 August 2025

NGINX Open Source and NGINX Plus Vulnerability in SMTP Module

4 March 2025

Denial-of-Service Vulnerability in NGINX Unit with Java Language Module