F5 Nginx Vulnerabilities

Worker Process Termination Vulnerability in NGINX Plus and Open Source

CVE-2026-27651

F5Nginx Open Source8.7HIGH

Buffer Overflow Vulnerability in NGINX Open Source and NGINX Plus

CVE-2026-27654

F5Nginx Open Source👾🟡8.8HIGH

Certificate Revocation Vulnerability in NGINX Plus and Open Source

CVE-2026-28755

F5Nginx Open Source5.3MEDIUM

Improper Header Handling in NGINX Plus and NGINX Open Source SMTP Module

CVE-2026-28753

F5Nginx Open Source6.3MEDIUM

Buffer Manipulation Vulnerability in NGINX Open Source and NGINX Plus

CVE-2026-32647

F5Nginx Open Source8.5HIGH

Memory Manipulation Vulnerability in NGINX Open Source by F5 Networks

CVE-2026-27784

F5Nginx Open Source8.5HIGH

Man-in-the-Middle Vulnerability in NGINX Proxying TLS Servers

CVE-2026-1642

F5Nginx Open Source8.2HIGH

NGINX Ingress Controller Vulnerability in Annotation Validation

CVE-2025-14727

F5Nginx Ingress Controller8.7HIGH

Server-Side Request Forgery Issue in F5 BIG-IP Advanced WAF Product

CVE-2025-58474

F5Big-ip6.9MEDIUM

NGINX Open Source and NGINX Plus Vulnerability in SMTP Module

CVE-2025-53859

F5Nginx Plus6.3MEDIUM

Denial-of-Service Vulnerability in NGINX Unit with Java Language Module

CVE-2025-1695

F5Nginx Unit6.9MEDIUM

Session Resumption Vulnerability in NGINX Affected by Client Certificate Authentication Bypass

CVE-2025-23419

F5Nginx Open Source👾📰5.3MEDIUM

NGINX Open Source and NGINX Plus Vulnerability Permits Over-read of Worker Memory

CVE-2024-7347

F5Nginx Open Source5.7MEDIUM

Undisclosed Requests Can Cause Memory Resource Utilization Increase in NGINX Plus

CVE-2024-39792

F5Nginx Plus7.5HIGH

Memory Leak in NGINX Plus Due to Undisclosed QUIC Packets

CVE-2024-34161

F5Nginx Open Source5.3MEDIUM

Undisclosed HTTP/3 Requests Can Cause NGINX Worker Processes to Terminate

CVE-2024-35200

F5Nginx Open Source5.3MEDIUM

Undisclosed HTTP/3 Encoder Instructions Can Cause NGINX Worker Processes to Terminate

CVE-2024-32760

F5Nginx Open Source📰6.5MEDIUM

Undisclosed HTTP/3 Requests Can Cause NGINX Worker Processes to Terminate

CVE-2024-31079

F5Nginx Open Source📰4.8MEDIUM

Undisclosed Requests Can Cause NGINX Worker Processes to Terminate

CVE-2024-24990

F5Nginx Plus📰7.5HIGH

NGINX HTTP/3 QUIC vulnerability

CVE-2024-24989

F5Nginx Plus📰7.5HIGH

NGINX Management Suite vulnerability

CVE-2023-28656

F5Nginx Instance Manager8.1HIGH

NGINX Management Suite vulnerability

CVE-2023-28724

F5Nginx Instance Manager7.1HIGH

NGINX Agent vulnerability CVE-2023-1550

CVE-2023-1550

F5Nginx Agent5.5MEDIUM

NGINX ngx_http_mp4_module vulnerability CVE-2022-41741

CVE-2022-41741

F5Nginx👾🟡7HIGH

NGINX ngx_http_mp4_module vulnerability CVE-2022-41742

CVE-2022-41742

F5Nginx7.1HIGH

Vulnerability Published:

Sort By:

24 March 2026

Worker Process Termination Vulnerability in NGINX Plus and Open Source

Buffer Overflow Vulnerability in NGINX Open Source and NGINX Plus

Certificate Revocation Vulnerability in NGINX Plus and Open Source

Improper Header Handling in NGINX Plus and NGINX Open Source SMTP Module

Buffer Manipulation Vulnerability in NGINX Open Source and NGINX Plus

Memory Manipulation Vulnerability in NGINX Open Source by F5 Networks

4 February 2026

Man-in-the-Middle Vulnerability in NGINX Proxying TLS Servers

17 December 2025

NGINX Ingress Controller Vulnerability in Annotation Validation

15 October 2025

Server-Side Request Forgery Issue in F5 BIG-IP Advanced WAF Product

13 August 2025

NGINX Open Source and NGINX Plus Vulnerability in SMTP Module

4 March 2025

Denial-of-Service Vulnerability in NGINX Unit with Java Language Module

5 February 2025

Session Resumption Vulnerability in NGINX Affected by Client Certificate Authentication Bypass

14 August 2024

NGINX Open Source and NGINX Plus Vulnerability Permits Over-read of Worker Memory

Undisclosed Requests Can Cause Memory Resource Utilization Increase in NGINX Plus

29 May 2024

Memory Leak in NGINX Plus Due to Undisclosed QUIC Packets

Undisclosed HTTP/3 Requests Can Cause NGINX Worker Processes to Terminate

Undisclosed HTTP/3 Encoder Instructions Can Cause NGINX Worker Processes to Terminate

Undisclosed HTTP/3 Requests Can Cause NGINX Worker Processes to Terminate

14 February 2024

Undisclosed Requests Can Cause NGINX Worker Processes to Terminate

NGINX HTTP/3 QUIC vulnerability

3 May 2023

NGINX Management Suite vulnerability

NGINX Management Suite vulnerability

29 March 2023

NGINX Agent vulnerability CVE-2023-1550

19 October 2022

NGINX ngx_http_mp4_module vulnerability CVE-2022-41741

NGINX ngx_http_mp4_module vulnerability CVE-2022-41742