1. 18-Year-Old NGINX Rewrite Module Heap Overflow Exposes Servers to Remote Code Execution
A critical vulnerability embedded in NGINX's rewrite module went undetected for nearly two decades before depthfirst researchers uncovered the flaw during a security audit. The heap buffer overflow, tracked as CVE-2026-42945, carries a CVSS v4 score of 9.2 and affects both NGINX Plus and NGINX Open source distributions...