Red Hat Product Errata RHSA-2026:17792 - Security Advisory Issued: 2026-05-15 Updated: 2026-05-15 RHSA-2026:17792 - Security Advisory Overview Updated Packages Synopsis Critical: nginx security update Type/Severity Security Advisory: Critical Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for nginx is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fix(es): nginx: NGINX: Arbitrary Code Execution Vulnerability (CVE-2026-42945) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64 Red Hat Enterprise Linux Server - AUS 9.4 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64 Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.4 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.4 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.4 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.4 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4 s390x Fixes BZ - 2477116 - CVE-2026-42945 nginx: NGINX: Arbitrary Code Execution Vulnerability CVEs CVE-2026-42945 References https://access.redhat.com/security/updates/classification/#critical Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 SRPM nginx-1.20.1-16.el9_4.6.src.rpm SHA-256: bcd312498f3318799c71fa2323e752d095d119a7190bfd2cfe2933fa71312162 x86_64 nginx-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 5e3157797e37e86d1cdb0ec7932c9f7e6e6e9e71c744643b4c7ec7824ec132e8 nginx-all-modules-1.20.1-16.el9_4.6.noarch.rpm SHA-256: 5ce0755ef966d41046f4931df79619a116977d6164fdfb8d9f076caa3866dd0c nginx-core-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 398b11d3a20d7a1aeef7385960b122a8b4856cd2143b6583395ee1f9403c23e8 nginx-core-debuginfo-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: e3e4caa08bbefe5059cdea83357ea9a87bc90526d0b603997f6d9615df06d2b4 nginx-debuginfo-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 4ccdd7e69f150e9b19969038e0d13196a5186cfc40fb994bab1477b9fce9dcca nginx-debugsource-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 53274c647809e8cb96a309c865940681363b44d93d9e0d3b1eae47f6386c40b5 nginx-filesystem-1.20.1-16.el9_4.6.noarch.rpm SHA-256: 65336f39b0e7ab8ba1fd0ca07d9e58cbcc799ce223d231a3d80be58b924ab81b nginx-mod-http-image-filter-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 64579e165cfc9eb281fa827e01f8317d1757556eecd546c7bc5b9de3d1e64bb9 nginx-mod-http-image-filter-debuginfo-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 164dfd7ff54a282c0d2474fcacddf5b156b113b34e4f5da76589a09ea0373875 nginx-mod-http-perl-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 3b07914f997b0cec730b4a9a07810777a3472898e4c880fc9df03cfe99da9975 nginx-mod-http-perl-debuginfo-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 55c76c3a54a5cb41f83108fc03371daea57d17267fe1ab43991453040d426fe5 nginx-mod-http-xslt-filter-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 65d05ee43f5457cbd4a525eda3543c27c0f8125a04ad01e3c67a9759600fdc5f nginx-mod-http-xslt-filter-debuginfo-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 6a917a2f8b8921b18a7f5757285564e32915d909ca9fc86e8d6eb44bfe55f010 nginx-mod-mail-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: ed24fe4cc734ea14f99659cd8d5436206f225d93da68414b74f7c1860a7643ee nginx-mod-mail-debuginfo-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 58d89e02657718305c91235767df83708a9823d007898378b89cadac4f1e765c nginx-mod-stream-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 8871e24a3e6361ae805875e4f21c175486fd24ba39bed60356240fecc38f0919 nginx-mod-stream-debuginfo-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 8befaad326ff3238d70fed50fddd2bb325eda0dee6346ce10ed9167dc65c623f Red Hat Enterprise Linux Server - AUS 9.4 SRPM nginx-1.20.1-16.el9_4.6.src.rpm SHA-256: bcd312498f3318799c71fa2323e752d095d119a7190bfd2cfe2933fa71312162 x86_64 nginx-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 5e3157797e37e86d1cdb0ec7932c9f7e6e6e9e71c744643b4c7ec7824ec132e8 nginx-all-modules-1.20.1-16.el9_4.6.noarch.rpm SHA-256: 5ce0755ef966d41046f4931df79619a116977d6164fdfb8d9f076caa3866dd0c nginx-core-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 398b11d3a20d7a1aeef7385960b122a8b4856cd2143b6583395ee1f9403c23e8 nginx-core-debuginfo-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: e3e4caa08bbefe5059cdea83357ea9a87bc90526d0b603997f6d9615df06d2b4 nginx-debuginfo-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 4ccdd7e69f150e9b19969038e0d13196a5186cfc40fb994bab1477b9fce9dcca nginx-debugsource-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 53274c647809e8cb96a309c865940681363b44d93d9e0d3b1eae47f6386c40b5 nginx-filesystem-1.20.1-16.el9_4.6.noarch.rpm SHA-256: 65336f39b0e7ab8ba1fd0ca07d9e58cbcc799ce223d231a3d80be58b924ab81b nginx-mod-http-image-filter-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 64579e165cfc9eb281fa827e01f8317d1757556eecd546c7bc5b9de3d1e64bb9 nginx-mod-http-image-filter-debuginfo-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 164dfd7ff54a282c0d2474fcacddf5b156b113b34e4f5da76589a09ea0373875 nginx-mod-http-perl-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 3b07914f997b0cec730b4a9a07810777a3472898e4c880fc9df03cfe99da9975 nginx-mod-http-perl-debuginfo-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 55c76c3a54a5cb41f83108fc03371daea57d17267fe1ab43991453040d426fe5 nginx-mod-http-xslt-filter-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 65d05ee43f5457cbd4a525eda3543c27c0f8125a04ad01e3c67a9759600fdc5f nginx-mod-http-xslt-filter-debuginfo-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 6a917a2f8b8921b18a7f5757285564e32915d909ca9fc86e8d6eb44bfe55f010 nginx-mod-mail-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: ed24fe4cc734ea14f99659cd8d5436206f225d93da68414b74f7c1860a7643ee nginx-mod-mail-debuginfo-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 58d89e02657718305c91235767df83708a9823d007898378b89cadac4f1e765c nginx-mod-stream-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 8871e24a3e6361ae805875e4f21c175486fd24ba39bed60356240fecc38f0919 nginx-mod-stream-debuginfo-1.20.1-16.el9_4.6.x86_64.rpm SHA-256: 8befaad326ff3238d70fed50fddd2bb325eda0dee6346ce10ed9167dc65c623f Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 SRPM nginx-1.20.1-16.el9_4.6.src.rpm SHA-256: bcd312498f3318799c71fa2323e752d095d119a7190bfd2cfe2933fa71312162 s390x nginx-1.20.1-16.el9_4.6.s390x.rpm SHA-256: 2556c994e72a1e2a552ac0845ca29871aa9c40462ecf4b2dd5fee2b449d82f2e nginx-all-modules-1.20.1-16.el9_4.6.noarch.rpm SHA-256: 5ce0755ef966d41046f4931df79619a116977d6164fdfb8d9f076caa3866dd0c nginx-core-1.20.1-16.el9_4.6.s390x.rpm SHA-256: a42f7796aee82567629b49c288863308f91458a31a33b317c49c2c0535f739e3 nginx-core-debuginfo-1.20.1-16.el9_4.6.s390x.rpm SHA-256: 52b0a36c493306e2f6841f2a19ffb8195806e548639a280ae9cee09546853245 nginx-debuginfo-1.20.1-16.el9_4.6.s390x.rpm SHA-256: dbab51e07494f8f44f627723295c745066b8daf27f676ccc6b36b40facf458fe nginx-debugsource-1.20.1-16.el9_4.6.s390x.rpm SHA-256: 553c4ceed57abcb8589235fa7e55fbaad5ad34c1963328184ebd1105df481288 nginx-filesystem-1.20.1-16.el9_4.6.noarch.rpm SHA-256: 65336f39b0e7ab8ba1fd0ca07d9e58cbcc799ce223d231a3d80be58b924ab81b nginx-mod-http-image-filter-1.20.1-16.el9_4.6.s390x.rpm SHA-256: d6e96278b8cbeef8bb5392c23343d2dca5e50b027073b7e4843fab19fb660efe nginx-mod-http-image-filter-debuginfo-1.20.1-16.el9_4.6.s390x.rpm SHA-256: 5207e989c8e7942475aabf1e4a3113ceecbf0c14ef7514bfba83c3fcd1a6af9d nginx-mod-http-perl-1.20.1-16.el9_4.6.s390x.rpm SHA-256: 8861ec0ce73fd9fb2d2338d801fb83ea32211b16491852fc7482ff37f2fc8e22 nginx-mod-http-perl-debuginfo-1.20.1-16.el9_4.6.s390x.rpm SHA-256: a243ee5d959a4d559285aa811b29b9320c1893186c3551c77cc88ca3a326d90e nginx-mod-http-xslt-filter-1.20.1-16.el9_4.6.s390x.rpm SHA-256: 070141ed6f22f204c1d7b7d7a026d2fab7fc2e39bb8babd927e94c856d1190d7 nginx-mod-http-xslt-filter-debuginfo-1.20.1-16.el9_4.6.s390x.rpm SHA-256: c0168f0aa83d23409d1cbdc36aa71e92d46370397d6002c567e5ce4ddfcf8f4e nginx-mod-mail-1.20.1-16.el9_4.6.s390x.rpm SHA-256: c61270c28ddf25f4dd57e1310ce12ef5e5b9da596320a37e5e7a38904cb18277 nginx-mod-mail-debuginfo-1.20.1-16.el9_4.6.s390x.rpm SHA-256: 0ac31f39b102e6e49e42785e42e58b65e6aeae1dcbcd366761c7e36c14754b2d nginx-mod-stream-1.20.1-16.el9_4.6.s390x.rpm SHA-256: a0005fe2f518a961b8bfd0aff85ca62b9293ad77998ea8daa4b7c93c746bd6e3 nginx-mod-stream-debuginfo-1.20.1-16.el9_4.6.s390x.rpm SHA-256: 090da880fe02a5534d53e854edc462c057d2a0cdd1343e143d845774fd445266 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 SRPM nginx-1.20.1-16.el9_4.6.src.rpm SHA-256: bcd312498f3318799c71fa2323e752d095d119a