Heap Buffer Over-Read Vulnerability in NGINX Plus and Open Source
CVE-2026-56434
8.3HIGH
What is CVE-2026-56434?
A vulnerability exists in the ngx_http_ssi_module of NGINX Plus and NGINX Open Source that can be exploited when the Server-Side Includes (SSI), proxy_pass, and proxy_buffering off directives are misconfigured. An attacker with man-in-the-middle capabilities can manipulate responses from upstream servers, potentially leading to a heap buffer over-read. This situation allows for limited modification of memory contents or a restart of the NGINX worker process. This issue represents a serious risk to the integrity and availability of applications utilizing these NGINX products.
Affected Version(s)
NGINX Open Source 1.31.2 < 1.31.3
NGINX Open Source 0.8.11 < 1.30.4
NGINX Plus 37.0.0.1 < 37.0.3.1
References
CVSS V4
Score:
8.3
Severity:
HIGH
Confidentiality:
None
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved
Credit
F5 acknowledges p4p3r(@P4P3R-HAK)" of "싸이버원(CYBERONE) for bringing this issue to our attention and following the highest standards of coordinated disclosure.