ZDNet

Nginx adds OAuth 2 authentication, other tools to its application delivery platform

Nginx on Tuesday released its latest product offering, the Plus R8, which includes an initial release of OAuth 2-based authentication. Nginx CEO Gus Robertson said that many of today's most popular ...
Cybernews

NGINX is critically vulnerable: hackers can crash servers and run remote code with no authentication

A critical, 18-year-old vulnerability in the NGINX web server has been discovered, which allows unauthenticated attackers to ...
InfoWorld

Nginx Web server upgrade focuses on HTTP/2, authentication

Nginx is upgrading the commercially supported version of its popular Web server, fitting it with new HTTP/2, authentication, and caching capabilities. Nginx Plus Release 8, being unveiled today, backs ...
Morning Overview on MSN

An 18-year-old heap buffer overflow in NGINX gives attackers remote code execution — billions of devices run the affected module

A single rewrite rule, the kind pasted into NGINX configurations thousands of times a day, can hand an unauthenticated ...
Security Boulevard

CVE-2026-42945: Imperva Customers Protected Against Critical NGINX Rewrite Module Vulnerability

TL;DR: Researchers recently disclosed CVE-2026-42945, a critical heap-based buffer overflow vulnerability affecting both NGINX Open Source and NGINX Plus. The flaw exists within the ...
CPO Magazine

AI Unearths Critical Vulnerability Hidden in NGINX Web Servers for 18 Years

A critical vulnerability discovered by AI spans most of the history of NGINX, which was first made available in 2004. The web server is frequently used as a load balancer and cache for static content, ...