Security News

Cybersecurity news aggregator

🔄
CRITICAL Updates Red Hat Errata

RHSA-2026:17752: Critical: nginx:1.24 security update

cve-2026-42945web-server
A critical arbitrary code execution vulnerability (CVE-2026-42945, CVSS 8.1 HIGH) has been identified in the nginx web and proxy server. The Red Hat security advisory RHSA-2026:17752 provides a critical update for the nginx:1.24 module on Red Hat Enterprise Linux 9.6 Extended Update Support and related variants. Affected systems should be remediated by applying the provided update packages, which contain the necessary security fixes.
Read Full Article →

Red Hat Product Errata RHSA-2026:17752 - Security Advisory Issued: 2026-05-15 Updated: 2026-05-15 RHSA-2026:17752 - Security Advisory Overview Updated Packages Synopsis Critical: nginx:1.24 security update Type/Severity Security Advisory: Critical Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for the nginx:1.24 module is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fix(es): nginx: NGINX: Arbitrary Code Execution Vulnerability (CVE-2026-42945) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64 Red Hat Enterprise Linux Server - AUS 9.6 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6 s390x Fixes BZ - 2477116 - CVE-2026-42945 nginx: NGINX: Arbitrary Code Execution Vulnerability CVEs CVE-2026-42945 References https://access.redhat.com/security/updates/classification/#critical Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 SRPM nginx-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.src.rpm SHA-256: 7b9c382999b6fcdb7656143cdb14b21fe5ecb8602f9258f1e339d206ece1f384 x86_64 nginx-all-modules-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.noarch.rpm SHA-256: 2de3dfe90c8462b568c7bd06a18a2ed57a9a4246f29424ccf1810d57b9d03701 nginx-filesystem-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.noarch.rpm SHA-256: b2b2e324e2d4d067b98e9e707df0701616befd0ff62e90e89f7fd2aa532ca2de nginx-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: fbad89ddb4642341e87bca93ed0d05b5413043a966cd5a3d8d2cc86301c661dc nginx-all-modules-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.noarch.rpm SHA-256: 2de3dfe90c8462b568c7bd06a18a2ed57a9a4246f29424ccf1810d57b9d03701 nginx-core-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: c3bd89358587387395da8efcd7b123a77f93a51b0153dfbbd1054728bd2fad4c nginx-core-debuginfo-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: 35a0de1762400b08b571df7a16cb8d8a20012880141fc5aa35d662bf78bba00a nginx-debuginfo-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: 037310d73e7237b9ed8824cb1568434202346a76f898ff49078dce0000a9b616 nginx-debugsource-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: 15f7018d0bf4693e3b40fa8d900ca50fa8d21fae1d7c21bc3e1afb0d176bb520 nginx-filesystem-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.noarch.rpm SHA-256: b2b2e324e2d4d067b98e9e707df0701616befd0ff62e90e89f7fd2aa532ca2de nginx-mod-devel-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: 19a445cb1684fb8439cd9c49ae6ddc16f973669ec0067564ffeb41eb2c1dc2ad nginx-mod-http-image-filter-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: a8e360698ae0363cb1620429e814ff735c21ce12844461d7dd4fae2682932d87 nginx-mod-http-image-filter-debuginfo-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: d785dd2f34918628c9d8b02e5e9a0d6f78963dec3fc19123696e8091d1d8c616 nginx-mod-http-perl-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: 5df9c75f7b781ce2072e398f5c0eadf2913e841906a48684b54112565dccb0df nginx-mod-http-perl-debuginfo-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: 3733d06b352d5bd637dde2be62acd3506ea570f0359fe41b94da152569dafed0 nginx-mod-http-xslt-filter-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: 298f94c51e22ccfdbf08d2e1f1624a177602c598ce5d859277dffff9d51b796a nginx-mod-http-xslt-filter-debuginfo-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: b0760ca0e85294e65e5e699adab4480798e05432c172b9757bf781addd4db180 nginx-mod-mail-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: 384a0f6f5676191c0b4d7a23749de464224cfe9f7604cb94aa87ddaad5a1f822 nginx-mod-mail-debuginfo-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: 45a6a5f31dbc1cfa04d8564a657fdec8f3048ab99939871a5e9441e7158cf784 nginx-mod-stream-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: 502a1062e5b31944fde5037c3bb1d6c552b34b59f5100fd689b336cac0e85bdf nginx-mod-stream-debuginfo-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: a2be4a7231147874d1a00612eb15e26147f183ff34048f77991ad5a183acd090 nginx-all-modules-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.noarch.rpm SHA-256: 2de3dfe90c8462b568c7bd06a18a2ed57a9a4246f29424ccf1810d57b9d03701 nginx-filesystem-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.noarch.rpm SHA-256: b2b2e324e2d4d067b98e9e707df0701616befd0ff62e90e89f7fd2aa532ca2de nginx-all-modules-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.noarch.rpm SHA-256: 2de3dfe90c8462b568c7bd06a18a2ed57a9a4246f29424ccf1810d57b9d03701 nginx-filesystem-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.noarch.rpm SHA-256: b2b2e324e2d4d067b98e9e707df0701616befd0ff62e90e89f7fd2aa532ca2de Red Hat Enterprise Linux Server - AUS 9.6 SRPM nginx-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.src.rpm SHA-256: 7b9c382999b6fcdb7656143cdb14b21fe5ecb8602f9258f1e339d206ece1f384 x86_64 nginx-all-modules-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.noarch.rpm SHA-256: 2de3dfe90c8462b568c7bd06a18a2ed57a9a4246f29424ccf1810d57b9d03701 nginx-filesystem-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.noarch.rpm SHA-256: b2b2e324e2d4d067b98e9e707df0701616befd0ff62e90e89f7fd2aa532ca2de nginx-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: fbad89ddb4642341e87bca93ed0d05b5413043a966cd5a3d8d2cc86301c661dc nginx-all-modules-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.noarch.rpm SHA-256: 2de3dfe90c8462b568c7bd06a18a2ed57a9a4246f29424ccf1810d57b9d03701 nginx-core-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: c3bd89358587387395da8efcd7b123a77f93a51b0153dfbbd1054728bd2fad4c nginx-core-debuginfo-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: 35a0de1762400b08b571df7a16cb8d8a20012880141fc5aa35d662bf78bba00a nginx-debuginfo-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: 037310d73e7237b9ed8824cb1568434202346a76f898ff49078dce0000a9b616 nginx-debugsource-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: 15f7018d0bf4693e3b40fa8d900ca50fa8d21fae1d7c21bc3e1afb0d176bb520 nginx-filesystem-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.noarch.rpm SHA-256: b2b2e324e2d4d067b98e9e707df0701616befd0ff62e90e89f7fd2aa532ca2de nginx-mod-devel-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: 19a445cb1684fb8439cd9c49ae6ddc16f973669ec0067564ffeb41eb2c1dc2ad nginx-mod-http-image-filter-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: a8e360698ae0363cb1620429e814ff735c21ce12844461d7dd4fae2682932d87 nginx-mod-http-image-filter-debuginfo-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: d785dd2f34918628c9d8b02e5e9a0d6f78963dec3fc19123696e8091d1d8c616 nginx-mod-http-perl-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: 5df9c75f7b781ce2072e398f5c0eadf2913e841906a48684b54112565dccb0df nginx-mod-http-perl-debuginfo-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: 3733d06b352d5bd637dde2be62acd3506ea570f0359fe41b94da152569dafed0 nginx-mod-http-xslt-filter-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: 298f94c51e22ccfdbf08d2e1f1624a177602c598ce5d859277dffff9d51b796a nginx-mod-http-xslt-filter-debuginfo-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: b0760ca0e85294e65e5e699adab4480798e05432c172b9757bf781addd4db180 nginx-mod-mail-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: 384a0f6f5676191c0b4d7a23749de464224cfe9f7604cb94aa87ddaad5a1f822 nginx-mod-mail-debuginfo-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: 45a6a5f31dbc1cfa04d8564a657fdec8f3048ab99939871a5e9441e7158cf784 nginx-mod-stream-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: 502a1062e5b31944fde5037c3bb1d6c552b34b59f5100fd689b336cac0e85bdf nginx-mod-stream-debuginfo-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.x86_64.rpm SHA-256: a2be4a7231147874d1a00612eb15e26147f183ff34048f77991ad5a183acd090 nginx-all-modules-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.noarch.rpm SHA-256: 2de3dfe90c8462b568c7bd06a18a2ed57a9a4246f29424ccf1810d57b9d03701 nginx-filesystem-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.noarch.rpm SHA-256: b2b2e324e2d4d067b98e9e707df0701616befd0ff62e90e89f7fd2aa532ca2de nginx-all-modules-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.noarch.rpm SHA-256: 2de3dfe90c8462b568c7bd06a18a2ed57a9a4246f29424ccf1810d57b9d03701 nginx-filesystem-1.24.0-4.module+el9.6.0+24297+b3b39a7f.3.noarch.rpm SHA-256: b2b2e324e2d4d067b98e9e70

Related Articles

CRITICAL RHSA-2026:17751: Critical: nginx security update Red Hat Errata CRITICAL RHSA-2026:17753: Critical: nginx:1.26 security update Red Hat Errata CRITICAL Attackers are exploiting critical NGINX vulnerability (CVE-2026-42945) Help Net Security CRITICAL RHSA-2026:19159: Critical: nginx security update Red Hat Errata
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn