An AI-discovered bug hidden in NGINX since 2008 lets anyone on the internet crash NGINX worker processes or, with ASLR disabled, run code on the server using a single crafted HTTP request. The flaw, named NGINX Rift (CVE-2026-42945, CVSS 9.2), sits in the rewrite module that powers URL rewriting in almost every NGINX deployment. It triggers when a config uses a rewrite directive with unnamed regex captures and a question mark, followed by another rewrite, if, or set directive - a common pattern in API gateway setups. NGINX runs roughly a third of the websites on the public internet.
A CVSS 9.8 authentication bypass in nginx-ui, the popular open-source web management interface for Nginx servers, is being actively exploited in the wild. The flaw, codenamed MCPwn by Pluto Security, exists because the /mcp_message endpoint added for Model Context Protocol (AI integration) support only checks IP whitelisting - and the default whitelist is empty, meaning it allows all connections. One unauthenticated HTTP POST request lets an attacker invoke all MCP tools: rewrite Nginx config files, reload the server, intercept all traffic, and harvest admin credentials. Attackers chain it with CVE-2026-27944 (exposed encryption keys via the backup API) to extract the node_secret needed for full MCP access. Recorded Future flagged active exploitation and assigned a risk score of 94/100. Shodan shows 2,600 publicly exposed instances, mostly in China, the US, Indonesia, and Germany. Pluto Security's key lesson: AI integration endpoints expose the same capabilities as the core application but often skip its security controls.
TrustStrike Labs