Red Hat Product Errata RHSA-2026:17791 - Security Advisory Issued: 2026-05-15 Updated: 2026-05-15 RHSA-2026:17791 - Security Advisory Overview Updated Packages Synopsis Critical: nginx security update Type/Severity Security Advisory: Critical Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for nginx is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fix(es): nginx: NGINX: Arbitrary Code Execution Vulnerability (CVE-2026-42945) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 s390x Fixes BZ - 2477116 - CVE-2026-42945 nginx: NGINX: Arbitrary Code Execution Vulnerability CVEs CVE-2026-42945 References https://access.redhat.com/security/updates/classification/#critical Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 SRPM nginx-1.20.1-10.el9_0.4.src.rpm SHA-256: 5ebc1dda0876549351ac28f71c974b5dec09833f8f4f80876a8f8c8cb039666b ppc64le nginx-1.20.1-10.el9_0.4.ppc64le.rpm SHA-256: fdf09b5b8d1d9892e29ca634f37a7a822f248b3a150682829109d7bf251cb66e nginx-all-modules-1.20.1-10.el9_0.4.noarch.rpm SHA-256: 4c379bc262f9d518c6b508e3f0d814f4edcc648b27bd4f4353cc6d02b3b8b075 nginx-debuginfo-1.20.1-10.el9_0.4.ppc64le.rpm SHA-256: 4f7f16aee4490819aacaced29dbf290f4ccb6a5bc6cd0a7d0f68b1095830f9d9 nginx-debugsource-1.20.1-10.el9_0.4.ppc64le.rpm SHA-256: 92925be86cbd6ca81c56943de3b9be9e9e8886ac819258016644e853a25cc1c7 nginx-filesystem-1.20.1-10.el9_0.4.noarch.rpm SHA-256: 97fa1a63692975de0522e8a7d9d10f06bbdeb07bc5ef1a49a717293a137afed2 nginx-mod-http-image-filter-1.20.1-10.el9_0.4.ppc64le.rpm SHA-256: 36f4f3208d6e56ad7390b42d75e8bbfcc6bf88a6ac83e03169a9c92ffa9db904 nginx-mod-http-image-filter-debuginfo-1.20.1-10.el9_0.4.ppc64le.rpm SHA-256: 377a330322ed29553059a67798e479def793defe7bad614c8e60a3ad8fd7f74b nginx-mod-http-perl-1.20.1-10.el9_0.4.ppc64le.rpm SHA-256: ebdcb7abfa78a6fba4d74b48cfe6b0021673a3eb826a9cfadad72d2802623b8e nginx-mod-http-perl-debuginfo-1.20.1-10.el9_0.4.ppc64le.rpm SHA-256: f9a53af485fe48c99a04829ac207cc57b53c486fdda3c0a1d764e916ce3c6c5a nginx-mod-http-xslt-filter-1.20.1-10.el9_0.4.ppc64le.rpm SHA-256: 82746a2358616cc161809df8709dd23feb3055514d8258790fce169781448e8e nginx-mod-http-xslt-filter-debuginfo-1.20.1-10.el9_0.4.ppc64le.rpm SHA-256: 863fcf822670d21476864b523270e55b386346404d93676763433e3b0ca83174 nginx-mod-mail-1.20.1-10.el9_0.4.ppc64le.rpm SHA-256: c81232e41565bfe23768859e5e3984365d28fff4a5e943d11cff7d372c32bb1e nginx-mod-mail-debuginfo-1.20.1-10.el9_0.4.ppc64le.rpm SHA-256: 80103d1ff3f8ce667ba7aea3ab9cee44205d119b9770e8268783804c9d37a28d nginx-mod-stream-1.20.1-10.el9_0.4.ppc64le.rpm SHA-256: 4482e45b9474eadc696f9b5121ab6a71a33653128c1a523fdaffdf8c72a71d71 nginx-mod-stream-debuginfo-1.20.1-10.el9_0.4.ppc64le.rpm SHA-256: 7b7f7fffdd5132edd75389d6b729c12196ff4ad302f15e06e1c7e438be12bda5 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 SRPM nginx-1.20.1-10.el9_0.4.src.rpm SHA-256: 5ebc1dda0876549351ac28f71c974b5dec09833f8f4f80876a8f8c8cb039666b x86_64 nginx-1.20.1-10.el9_0.4.x86_64.rpm SHA-256: 272cbae9111b446022c1ba952ccd18cf27fa30af8698e9414d39074a098f9c87 nginx-all-modules-1.20.1-10.el9_0.4.noarch.rpm SHA-256: 4c379bc262f9d518c6b508e3f0d814f4edcc648b27bd4f4353cc6d02b3b8b075 nginx-debuginfo-1.20.1-10.el9_0.4.x86_64.rpm SHA-256: 7bce1de2b686bcfd826cef199749de457b92a1fec44ddbdeeb8fb6abbf83b088 nginx-debugsource-1.20.1-10.el9_0.4.x86_64.rpm SHA-256: 02089cc883670b363245b8609ca312f618193344542cefb7ecf5f90f2ce64584 nginx-filesystem-1.20.1-10.el9_0.4.noarch.rpm SHA-256: 97fa1a63692975de0522e8a7d9d10f06bbdeb07bc5ef1a49a717293a137afed2 nginx-mod-http-image-filter-1.20.1-10.el9_0.4.x86_64.rpm SHA-256: 5d277dc871f18ffa0c82fd5264ff52492e780d2cfe5b724e94191a923006da0e nginx-mod-http-image-filter-debuginfo-1.20.1-10.el9_0.4.x86_64.rpm SHA-256: 09128b35e85d3e09a2707a33b91d857f44a6d34e6cca3d35595a9f22527b70c5 nginx-mod-http-perl-1.20.1-10.el9_0.4.x86_64.rpm SHA-256: c1dd25cd3a50cb0b3f71c8e6634eebfc1609c64a77f182907e2085f2480ffadc nginx-mod-http-perl-debuginfo-1.20.1-10.el9_0.4.x86_64.rpm SHA-256: 81970bf47f5981b4e0236ee63c6cd3fcf59ae43c03a5e43d7fa77f78e3bb37e0 nginx-mod-http-xslt-filter-1.20.1-10.el9_0.4.x86_64.rpm SHA-256: 22379b393c0eaed67cb0f7aede0ca7749464bfe277aebc6a6b99e5224e2df83c nginx-mod-http-xslt-filter-debuginfo-1.20.1-10.el9_0.4.x86_64.rpm SHA-256: cceef667d03cb5c46cd5f959a21512c1b87915492b62782635b3c6f7041f6be7 nginx-mod-mail-1.20.1-10.el9_0.4.x86_64.rpm SHA-256: d6b4f9c2ea4c699d93d7d8f3abca0fd2b0e4657cbd405c7887fa9c8986cdbd7a nginx-mod-mail-debuginfo-1.20.1-10.el9_0.4.x86_64.rpm SHA-256: 74844548097ff64f69894d86196bd093d18defb20a3ed9f50c1d82d0624be356 nginx-mod-stream-1.20.1-10.el9_0.4.x86_64.rpm SHA-256: 20bde2ee01c55e4dcc628cfc6e78b3fb313d11de948508aaeb7dc39f798afadb nginx-mod-stream-debuginfo-1.20.1-10.el9_0.4.x86_64.rpm SHA-256: f74f4f338c510e9a07d7bf7ff405b7f06e553def9a7cfa74dfdac211f102665a Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 SRPM nginx-1.20.1-10.el9_0.4.src.rpm SHA-256: 5ebc1dda0876549351ac28f71c974b5dec09833f8f4f80876a8f8c8cb039666b aarch64 nginx-1.20.1-10.el9_0.4.aarch64.rpm SHA-256: 31d09761d26c7bbedfec2fee002b1904282d48d7369cd65322a8b08c67958c77 nginx-all-modules-1.20.1-10.el9_0.4.noarch.rpm SHA-256: 4c379bc262f9d518c6b508e3f0d814f4edcc648b27bd4f4353cc6d02b3b8b075 nginx-debuginfo-1.20.1-10.el9_0.4.aarch64.rpm SHA-256: 89f203f0dfb49ccf1493591237094515f5bc84b0a9d532b841c5c1f7dcc1c936 nginx-debugsource-1.20.1-10.el9_0.4.aarch64.rpm SHA-256: 5caaad0902c51fc5cc4a35cf301cf46e6d9a355fc81f9e454678b06947c35bff nginx-filesystem-1.20.1-10.el9_0.4.noarch.rpm SHA-256: 97fa1a63692975de0522e8a7d9d10f06bbdeb07bc5ef1a49a717293a137afed2 nginx-mod-http-image-filter-1.20.1-10.el9_0.4.aarch64.rpm SHA-256: 8d511ca0607546050a040e959e2ba442290b5a61f265d97d0ba163ed8fde5904 nginx-mod-http-image-filter-debuginfo-1.20.1-10.el9_0.4.aarch64.rpm SHA-256: 333ce4fdd19f742ccf314f83112ee7863921b16329d77391dab0d741a31c30ef nginx-mod-http-perl-1.20.1-10.el9_0.4.aarch64.rpm SHA-256: 30dd6a20809e1e3310764b65d7b5894d003c9930163f6b761c87d5977c626303 nginx-mod-http-perl-debuginfo-1.20.1-10.el9_0.4.aarch64.rpm SHA-256: 16ccc58e4e6b36197e552ddb0f0e0c7a154e95fe59a893ae4fcfc8fff73b6e21 nginx-mod-http-xslt-filter-1.20.1-10.el9_0.4.aarch64.rpm SHA-256: c2ce29de9ef7cba781a69b5cdac2da3c7d7f8b2caeedb8920cf55527fae0bea5 nginx-mod-http-xslt-filter-debuginfo-1.20.1-10.el9_0.4.aarch64.rpm SHA-256: 1a4d426ad0c47f58178c61dc7be291dada31961c5cd1de92171cf62d0a902a40 nginx-mod-mail-1.20.1-10.el9_0.4.aarch64.rpm SHA-256: b710912a1b02b1c59bfe3806deca80c4ebd6031384fd6a5cf9211b321f923440 nginx-mod-mail-debuginfo-1.20.1-10.el9_0.4.aarch64.rpm SHA-256: ef9e3e537e9552d8555acc370afe9d2fc25f2e1a5c1083ebad832b7519eaceea nginx-mod-stream-1.20.1-10.el9_0.4.aarch64.rpm SHA-256: a3d274ba70055f353857255232136216fab1921422ebc0adb20931673991aef3 nginx-mod-stream-debuginfo-1.20.1-10.el9_0.4.aarch64.rpm SHA-256: 8f3da93de2db4e26001564dccbd428e9f91d9e02527ed16ce4dc8f049853d0f3 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 SRPM nginx-1.20.1-10.el9_0.4.src.rpm SHA-256: 5ebc1dda0876549351ac28f71c974b5dec09833f8f4f80876a8f8c8cb039666b s390x nginx-1.20.1-10.el9_0.4.s390x.rpm SHA-256: 751e503fa6033d7afdad372df97c2cfea07cf37370a30a26fe10ccd1fe543b56 nginx-all-modules-1.20.1-10.el9_0.4.noarch.rpm SHA-256: 4c379bc262f9d518c6b508e3f0d814f4edcc648b27bd4f4353cc6d02b3b8b075 nginx-debuginfo-1.20.1-10.el9_0.4.s390x.rpm SHA-256: f82e91f93b7eb4e2d50b1aa36e001ec4fbfa6b37cf32ac3c90a774700a0833c6 nginx-debugsource-1.20.1-10.el9_0.4.s390x.rpm SHA-256: f8e82e99e702625357b5eb3b9dbfe3afedfd5fda19b0833ff3816ce37e902efc nginx-filesystem-1.20.1-10.el9_0.4.noarch.rpm SHA-256: 97fa1a63692975de0522e8a7d9d10f06bbdeb07bc5ef1a49a717293a137afed2 nginx-mod-http-image-filter-1.20.1-10.el9_0.4.s390x.rpm SHA-256: fd8f95662e77f54623a86de61d2bb2ae30d3ba13015980e3f56d27bcf768954c nginx-mod-http-image-filter-debuginfo-1.20.1-10.el9_0.4.s390x.rpm SHA-256: cb2900ef85200bab91c643ee15aa5dd208e8ebc119846654c428b60bd5ee76ca nginx-mod-http-perl-1.20.1-10.el9_0.4.s390x.rpm SHA-256: 565507627c78739cf353f331ccc142d29b174f060731bb02e0efbe9cb5c944fe nginx-mod-http-perl-debuginfo-1.20.1-10.el9_0.4.s390x.rpm SHA-256: fcb06f9ee61fa950253eff2114277a9290582a958e589cce2c6982cc93290c6b nginx-mod-http-xslt-filter-1.20.1-10.el9_0.4.s390x.rpm SHA-256: 6621ccd4e321112f65f672f38a31c905164c8e2bdfdd2fe4c0f970d445f5de83 nginx-mod-http-xslt-filter-debuginfo-1.20.1-10.el9_0.4.s390x.rpm SHA-256: f1f569755fd53972b3982cd08f8749c66ceb27602a1bcacb75c29e40d1c94249 nginx-mod-mail-1.20.1-10.el9_0.4.s390x.rpm SHA-256: bf745f44036f3423c20801a3aaf9dbbb441af056c02e3deee4f0ac14df8b23db nginx-mod-mail-debuginfo-1.20.1-10.el9_0.4.s390x.rpm SHA-256: acb7a656f91f0828b7efb5d73713a0ff89585ce1e28c6bf53d8a6a