Red Hat Product Errata RHSA-2026:17751 - Security Advisory Issued: 2026-05-15 Updated: 2026-05-15 RHSA-2026:17751 - Security Advisory Overview Updated Packages Synopsis Critical: nginx security update Type/Severity Security Advisory: Critical Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for nginx is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fix(es): nginx: NGINX: Arbitrary Code Execution Vulnerability (CVE-2026-42945) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server - AUS 9.2 x86_64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.2 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.2 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.2 s390x Fixes BZ - 2477116 - CVE-2026-42945 nginx: NGINX: Arbitrary Code Execution Vulnerability CVEs CVE-2026-42945 References https://access.redhat.com/security/updates/classification/#critical Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server - AUS 9.2 SRPM nginx-1.20.1-14.el9_2.6.src.rpm SHA-256: 8e830ce535488eb4f8b872a4e3a47948db13ff26ce58e22672c032cb0dd72e8e x86_64 nginx-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: 264040f9736ee653c136989e3740365764cfe9b327bf1f63fab0de5a5a07b1ee nginx-all-modules-1.20.1-14.el9_2.6.noarch.rpm SHA-256: 1feaef915ba59c9e655ef4e24948e5481928ad34c0e865a05b0b1e0f32ad4505 nginx-core-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: de47bde105cba47531a31ea0a6f85cc0786eb0702c6eb85833c86f0fb9eedcf6 nginx-core-debuginfo-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: 9575de88acc4e6c8de47a179af1a26b9d646cbc70a01e29608e670f068d6232d nginx-debuginfo-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: 1525b0c31a8e6a2c0e4c25c973ca923efa9dab24680935f5bf996b51545de897 nginx-debugsource-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: a7cf71db119ba721bcc6e8100a562d89fbe312c83e7692100163a20bd7fa3883 nginx-filesystem-1.20.1-14.el9_2.6.noarch.rpm SHA-256: e3fcbfa44dc5f062990f426e013278bd227ae1e378ba2648e21cd005e35b5f76 nginx-mod-http-image-filter-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: 7e3f9b99f226b2f6a2f09a9f312126f8cdbe5d779dd920fc4915f7e11f03fa7b nginx-mod-http-image-filter-debuginfo-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: fe8ad940f44146f4e1d0e02c541dd98d2190663040461975f886a12a9dcdd5d7 nginx-mod-http-perl-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: 56aca7b42a02462e3db26412359a5ae75cc9ed8f687ab36677fd4c6d0f41d485 nginx-mod-http-perl-debuginfo-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: ace0511224afddd9f7ec1fcdf9f9e50ad7f3829b8d31aa89dd440a3657d4148c nginx-mod-http-xslt-filter-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: b1afef77e9cc517438a44c25086ea61883e86bf007355c20f6bb3063fa734c5f nginx-mod-http-xslt-filter-debuginfo-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: 997c74460405f9a5511300cdda15b7bc3983a073d2b1e2e77efa293d6d41115f nginx-mod-mail-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: 769b1b50ca860579bffd87be40d9f1fe2fdd5eb21838cc41d5f0ab8ed994b580 nginx-mod-mail-debuginfo-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: 7161c31c8dd06ca23ddeda6b176d69bc64867a2548c7b65c6987332c8cd1fb44 nginx-mod-stream-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: 6722016d7f15579885feb88cb8834373b96dc198a7765f61f5d6e7533caae2bd nginx-mod-stream-debuginfo-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: 52179033c52565099127122749b552ad8985d2d8bdfe0c74433e8f9fd5722e88 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 SRPM nginx-1.20.1-14.el9_2.6.src.rpm SHA-256: 8e830ce535488eb4f8b872a4e3a47948db13ff26ce58e22672c032cb0dd72e8e ppc64le nginx-1.20.1-14.el9_2.6.ppc64le.rpm SHA-256: 5439b2ad36763d95986db441beebb465bd7669a9b9729473dddd0d3380cd2a49 nginx-all-modules-1.20.1-14.el9_2.6.noarch.rpm SHA-256: 1feaef915ba59c9e655ef4e24948e5481928ad34c0e865a05b0b1e0f32ad4505 nginx-core-1.20.1-14.el9_2.6.ppc64le.rpm SHA-256: 9950b6f8a1894c0298b1a629c27b740f16adc7122c4fe855bd6606d37257c221 nginx-core-debuginfo-1.20.1-14.el9_2.6.ppc64le.rpm SHA-256: 90add3ba3431346963abb2101d9bd100100c7eed3b4480a0d5249583e530579f nginx-debuginfo-1.20.1-14.el9_2.6.ppc64le.rpm SHA-256: 1bed387f38bac4002f2410191ced88062ee454f3babe14c7cfa4ef55eba63ef9 nginx-debugsource-1.20.1-14.el9_2.6.ppc64le.rpm SHA-256: 4c9a79dbee2bef01cfc0bbdf447a85be9f7feaf7de5ada774bdb45895c304a5c nginx-filesystem-1.20.1-14.el9_2.6.noarch.rpm SHA-256: e3fcbfa44dc5f062990f426e013278bd227ae1e378ba2648e21cd005e35b5f76 nginx-mod-http-image-filter-1.20.1-14.el9_2.6.ppc64le.rpm SHA-256: 497b42e3ddbba76b596fbc4bf9a1bc2252d6fe9af988af2c951b0cc8966e264e nginx-mod-http-image-filter-debuginfo-1.20.1-14.el9_2.6.ppc64le.rpm SHA-256: 5d88bd45f935c2f571a80222c5155fbf7e8cdd2c1f1a6e8baa13cf7c21cf01a7 nginx-mod-http-perl-1.20.1-14.el9_2.6.ppc64le.rpm SHA-256: 7eef708081b3b376b0d73d3aa23ffb9a5ade28dc860198b345ae6fabc6f928b4 nginx-mod-http-perl-debuginfo-1.20.1-14.el9_2.6.ppc64le.rpm SHA-256: 6c967057ddc77a17eeef23d773e51305591707318c8de8f77b7e245d6e7d515b nginx-mod-http-xslt-filter-1.20.1-14.el9_2.6.ppc64le.rpm SHA-256: f6072d641de32e0e283a566f89d737848303dcbeadd0e1d30b5fce96cee5ed1b nginx-mod-http-xslt-filter-debuginfo-1.20.1-14.el9_2.6.ppc64le.rpm SHA-256: d3c2e3b96a52d058e32baa7843fbc21acdef7915d6982f4d253abf37d8304868 nginx-mod-mail-1.20.1-14.el9_2.6.ppc64le.rpm SHA-256: 95e74c2527582b720fd372f17ace342ed5618b64dfabe58f0433249dbe241422 nginx-mod-mail-debuginfo-1.20.1-14.el9_2.6.ppc64le.rpm SHA-256: f4b60993e0f954576faa8711151f769dc5be1ce07b090ae48a48d560a6758148 nginx-mod-stream-1.20.1-14.el9_2.6.ppc64le.rpm SHA-256: cd0de300ec7733821a4bb6609aa2e5f17be7516510c26049f3e3636963acc052 nginx-mod-stream-debuginfo-1.20.1-14.el9_2.6.ppc64le.rpm SHA-256: c2431c53b0813e464434080f74012dff72d3cddeeb6a625111f5c554374315c6 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 SRPM nginx-1.20.1-14.el9_2.6.src.rpm SHA-256: 8e830ce535488eb4f8b872a4e3a47948db13ff26ce58e22672c032cb0dd72e8e x86_64 nginx-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: 264040f9736ee653c136989e3740365764cfe9b327bf1f63fab0de5a5a07b1ee nginx-all-modules-1.20.1-14.el9_2.6.noarch.rpm SHA-256: 1feaef915ba59c9e655ef4e24948e5481928ad34c0e865a05b0b1e0f32ad4505 nginx-core-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: de47bde105cba47531a31ea0a6f85cc0786eb0702c6eb85833c86f0fb9eedcf6 nginx-core-debuginfo-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: 9575de88acc4e6c8de47a179af1a26b9d646cbc70a01e29608e670f068d6232d nginx-debuginfo-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: 1525b0c31a8e6a2c0e4c25c973ca923efa9dab24680935f5bf996b51545de897 nginx-debugsource-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: a7cf71db119ba721bcc6e8100a562d89fbe312c83e7692100163a20bd7fa3883 nginx-filesystem-1.20.1-14.el9_2.6.noarch.rpm SHA-256: e3fcbfa44dc5f062990f426e013278bd227ae1e378ba2648e21cd005e35b5f76 nginx-mod-http-image-filter-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: 7e3f9b99f226b2f6a2f09a9f312126f8cdbe5d779dd920fc4915f7e11f03fa7b nginx-mod-http-image-filter-debuginfo-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: fe8ad940f44146f4e1d0e02c541dd98d2190663040461975f886a12a9dcdd5d7 nginx-mod-http-perl-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: 56aca7b42a02462e3db26412359a5ae75cc9ed8f687ab36677fd4c6d0f41d485 nginx-mod-http-perl-debuginfo-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: ace0511224afddd9f7ec1fcdf9f9e50ad7f3829b8d31aa89dd440a3657d4148c nginx-mod-http-xslt-filter-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: b1afef77e9cc517438a44c25086ea61883e86bf007355c20f6bb3063fa734c5f nginx-mod-http-xslt-filter-debuginfo-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: 997c74460405f9a5511300cdda15b7bc3983a073d2b1e2e77efa293d6d41115f nginx-mod-mail-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: 769b1b50ca860579bffd87be40d9f1fe2fdd5eb21838cc41d5f0ab8ed994b580 nginx-mod-mail-debuginfo-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: 7161c31c8dd06ca23ddeda6b176d69bc64867a2548c7b65c6987332c8cd1fb44 nginx-mod-stream-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: 6722016d7f15579885feb88cb8834373b96dc198a7765f61f5d6e7533caae2bd nginx-mod-stream-debuginfo-1.20.1-14.el9_2.6.x86_64.rpm SHA-256: 52179033c52565099127122749b552ad8985d2d8bdfe0c74433e8f9fd5722e88 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 SRPM nginx-1.20.1-14.el9_2.6.src.rpm SHA-256: 8e830ce535488eb4f8b872a4e3a47948db13ff26ce58e22672c032cb0dd72e8e aarch64 nginx-1.20.1-14.el9_2.6.aarch64.rpm SHA-256: 2075ed7ac6a6f087f4ffedc83e0d694a2af86d9838566fb59fddd1527a146ea6 nginx-all-modules-1.20.1-14.el9_2.6.noarch.rpm SHA-256: 1feaef915ba59c9e655ef4e24948e5481928ad34c0e865a05b0b1e0f32ad4505 nginx-core-1.20.1-14.el9_2.6.aarch64.rpm SHA-256: f582902a7078c779c7a6192d5bf3b865ac5111422993b44956db05456e67c50a nginx-core-debuginfo-1.20.1-14.el9_2.6.aarch64.rpm SHA-256: 4bcea5ee7b8684c3fc9b6425e3ad448e8881ed002e42cbfeb6179b028d7347af nginx-debuginfo-1.20.1-14.el9_2.6.aarch64.rpm SHA-256: 827030cf4b32fe9c8c7bd5105e490e26c7717238d52dfd4d95465547dae63