Attackers can abuse the near-maximum severity flaw in nginx-ui to restart, create, modify, and delete NGINX configuration ...

Nginx is betting that its open-source Web server software, now used by many large Internet services, will also find a home in the enterprise. The second release of Nginx’s commercial package, called ...

The vulnerability, with a CVSS score of 9.8, relates to the software’s support for Model Context Protocol (MCP) servers, ...

“CVE-2026-33032 is a missing authentication bug with a CVSS score of 9.8; as a result of missing authentication controls, an ...

CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...

A critical authentication bypass in nginx-ui, a widely used open-source web interface for managing nginx servers, has been ...

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. Nginx was once perhaps best known as an open-source web ...

The GitHub-linked advisory and NVD record show the CVE was published on March 30, while the NVD page lists nginx-ui versions ...

A critical Nginx UI vulnerability that allows attackers to take full control of servers has been exploited in the wild.

A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full ...