NGINX Just Patched an 18-Year-Old Bug That Gives Attackers Remote Code Execution
CVE-2026-42945 is a critical heap buffer overflow in NGINX’s rewrite module affecting every version since 2008. Unauthenticated RCE with a public PoC. Patch to 1.30.1 or 1.31.0 immediately.