Red Hat Product Errata RHSA-2026:18063 - Security Advisory Issued: 2026-05-18 Updated: 2026-05-18 RHSA-2026:18063 - Security Advisory Overview Updated Packages Synopsis Critical: nginx security update Type/Severity Security Advisory: Critical Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for nginx is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fix(es): nginx: NGINX: Arbitrary Code Execution Vulnerability (CVE-2026-42945) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 10 x86_64 Red Hat Enterprise Linux for IBM z Systems 10 s390x Red Hat Enterprise Linux for Power, little endian 10 ppc64le Red Hat Enterprise Linux for ARM 64 10 aarch64 Red Hat CodeReady Linux Builder for x86_64 10 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 10 ppc64le Red Hat CodeReady Linux Builder for ARM 64 10 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 10 s390x Fixes BZ - 2477116 - CVE-2026-42945 nginx: NGINX: Arbitrary Code Execution Vulnerability CVEs CVE-2026-42945 References https://access.redhat.com/security/updates/classification/#critical Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 10 SRPM nginx-1.26.3-2.el10_1.2.src.rpm SHA-256: dccfc0b5f2154ff3292ffaf89b712c83f9db6fd97e0f96d58efc0981e2a49b0d x86_64 nginx-1.26.3-2.el10_1.2.x86_64.rpm SHA-256: f8d56244da510e7981b5fcc26cb8c23602486c28f393080bcde4fa884fa5d324 nginx-all-modules-1.26.3-2.el10_1.2.noarch.rpm SHA-256: 2d5ea9fc84e13ffd9624b07f8d7fab525f6da78653bb028b1a76f49bb51cdaf1 nginx-core-1.26.3-2.el10_1.2.x86_64.rpm SHA-256: 45951261e37478adc7d9e886dbb137eda41ca61c946230998dd0f7912b3ca2e2 nginx-core-debuginfo-1.26.3-2.el10_1.2.x86_64.rpm SHA-256: d0836b00a7438551d913caff3411d73554f995f8c5a3437c67cfd99362b688ae nginx-debuginfo-1.26.3-2.el10_1.2.x86_64.rpm SHA-256: 9553d49cf8e5e53b6d279bbd1450f9450d3deb8d3c6e6b1e29da9e4cb31c6c15 nginx-debugsource-1.26.3-2.el10_1.2.x86_64.rpm SHA-256: 45eeb648458fb21e8d860bce20dd725cd5862a244fc689a738fac640ac8d12d1 nginx-filesystem-1.26.3-2.el10_1.2.noarch.rpm SHA-256: cfbc49b28a9561c39b4d7d6b4a9cb421b7271aef81a27bc3b2f4e72b3992f0ae nginx-mod-http-image-filter-1.26.3-2.el10_1.2.x86_64.rpm SHA-256: 3f23bf61b4e827c2472c62cd5d38a49a49abe7dae06a73deae6ae3cde0271c78 nginx-mod-http-image-filter-debuginfo-1.26.3-2.el10_1.2.x86_64.rpm SHA-256: 3e57a6e9149586540bb68bc97f84ff4033577e65932ec40e1d691cf95e7d56bb nginx-mod-http-perl-1.26.3-2.el10_1.2.x86_64.rpm SHA-256: e2a29423fcb99c7d5409e958e0d21cc3dc244d23a6e64da75ef342d586aa5249 nginx-mod-http-perl-debuginfo-1.26.3-2.el10_1.2.x86_64.rpm SHA-256: 1b2aab8aa516dcb006d5c31a3a0119f6bd369d93d75d01fee9d440c17f520b08 nginx-mod-http-xslt-filter-1.26.3-2.el10_1.2.x86_64.rpm SHA-256: 9bc0e2a046afba3fd3f1d8ba1410d9df3837dbfb251700b16aefa123e66467f4 nginx-mod-http-xslt-filter-debuginfo-1.26.3-2.el10_1.2.x86_64.rpm SHA-256: 2a82a786ce3fd6f4920ff601113d119a2af7a62f1e37f8713640038473764d31 nginx-mod-mail-1.26.3-2.el10_1.2.x86_64.rpm SHA-256: 09ad0880646d4685cf39dcca9dd8397fa7cf905d58e8bb2378f9af404c26445d nginx-mod-mail-debuginfo-1.26.3-2.el10_1.2.x86_64.rpm SHA-256: a54c3af926a2196f642e73dc03fd2b5fec05ccd12b2803e7e73b075749a59e86 nginx-mod-stream-1.26.3-2.el10_1.2.x86_64.rpm SHA-256: 3a53f5d7f5aecde900ee3fd073ec3ef3f3920304ddbbadb82fdf57a009c23faa nginx-mod-stream-debuginfo-1.26.3-2.el10_1.2.x86_64.rpm SHA-256: b46caa7beae820cb8f5b96962517ab74b04d53519af0a01c015fba25beac6d43 Red Hat Enterprise Linux for IBM z Systems 10 SRPM nginx-1.26.3-2.el10_1.2.src.rpm SHA-256: dccfc0b5f2154ff3292ffaf89b712c83f9db6fd97e0f96d58efc0981e2a49b0d s390x nginx-1.26.3-2.el10_1.2.s390x.rpm SHA-256: dc1b959be2a971896b70295d8643af7a8f8638acdd4ef2efa194029ea8bac877 nginx-all-modules-1.26.3-2.el10_1.2.noarch.rpm SHA-256: 2d5ea9fc84e13ffd9624b07f8d7fab525f6da78653bb028b1a76f49bb51cdaf1 nginx-core-1.26.3-2.el10_1.2.s390x.rpm SHA-256: af6e6b80d9a289f6a81269ae25a59fcb5ca01946857d39adf75dd512aff33d91 nginx-core-debuginfo-1.26.3-2.el10_1.2.s390x.rpm SHA-256: a1108cfcb4c8a5af2f68ad5ee974241693532e76a6d7e3c563fda959f23465bd nginx-debuginfo-1.26.3-2.el10_1.2.s390x.rpm SHA-256: a464f09c83f2e7d611e77a43303ad3e0476182682ca8cce85e2b0e6caf3cf76e nginx-debugsource-1.26.3-2.el10_1.2.s390x.rpm SHA-256: 5852c36fd202a4ba687df15812c5bcb24411a582babccf9737491bba00685ed8 nginx-filesystem-1.26.3-2.el10_1.2.noarch.rpm SHA-256: cfbc49b28a9561c39b4d7d6b4a9cb421b7271aef81a27bc3b2f4e72b3992f0ae nginx-mod-http-image-filter-1.26.3-2.el10_1.2.s390x.rpm SHA-256: 90a7564c4828469a320205594c092a36c6a49ee7194b9d01fed2b9b84f957c85 nginx-mod-http-image-filter-debuginfo-1.26.3-2.el10_1.2.s390x.rpm SHA-256: e272dc014efce054927e75907e566e4555422847957b18dcabd1a9089d962180 nginx-mod-http-perl-1.26.3-2.el10_1.2.s390x.rpm SHA-256: 48d77ed0d198273c6421c6a4ee6ca85be256cfe0afaeda22f44322aa410384bd nginx-mod-http-perl-debuginfo-1.26.3-2.el10_1.2.s390x.rpm SHA-256: a5934b10eaae6189f7814582cb5a5c9f8086684e880ef31e4fbefef8bc4f6875 nginx-mod-http-xslt-filter-1.26.3-2.el10_1.2.s390x.rpm SHA-256: 8ee91ddf5612b2d1cc53062a9bc9c71d7288ddf094db9274d1eca949e73c0592 nginx-mod-http-xslt-filter-debuginfo-1.26.3-2.el10_1.2.s390x.rpm SHA-256: 373661c7e264b6613f296fec893776fd2c72f0b843139fd046b26cdb471b0727 nginx-mod-mail-1.26.3-2.el10_1.2.s390x.rpm SHA-256: 9f97f0850eca475483d006714bf43e57c41c560d0ab452e089ae3fd0878eafa3 nginx-mod-mail-debuginfo-1.26.3-2.el10_1.2.s390x.rpm SHA-256: 12176a22151770f52bd001c0eba3758f3fd2e60c41c144d03bd3b6d0ffd87758 nginx-mod-stream-1.26.3-2.el10_1.2.s390x.rpm SHA-256: 9935de2641b53ac66f99884fd0cdbeeac044bbedd696d22513e8206e74efbace nginx-mod-stream-debuginfo-1.26.3-2.el10_1.2.s390x.rpm SHA-256: d9beb8a57bb2f9cdea3e2ab25d06493d57ca15d8b245030538a46f0a60df3f1b Red Hat Enterprise Linux for Power, little endian 10 SRPM nginx-1.26.3-2.el10_1.2.src.rpm SHA-256: dccfc0b5f2154ff3292ffaf89b712c83f9db6fd97e0f96d58efc0981e2a49b0d ppc64le nginx-1.26.3-2.el10_1.2.ppc64le.rpm SHA-256: eda2b069415388be03d25100d9740e1b9b8eb31a0d8957a95b886407b64d0bdc nginx-all-modules-1.26.3-2.el10_1.2.noarch.rpm SHA-256: 2d5ea9fc84e13ffd9624b07f8d7fab525f6da78653bb028b1a76f49bb51cdaf1 nginx-core-1.26.3-2.el10_1.2.ppc64le.rpm SHA-256: e69df9bff637a0d5b7a427da32d7c3c441006a23fe8641012256b0a04b8ef95b nginx-core-debuginfo-1.26.3-2.el10_1.2.ppc64le.rpm SHA-256: 9302280a9420a35d3f7bcf0caa9d5f85cf774aabe69376dca3f0d557c80af1d5 nginx-debuginfo-1.26.3-2.el10_1.2.ppc64le.rpm SHA-256: d83b6f6385a226c3c03199e33a58748ca313e065c43bf44a8f2544639b5b34a0 nginx-debugsource-1.26.3-2.el10_1.2.ppc64le.rpm SHA-256: abdffa26d886ba0b5877002cf12c0485cbc43223428b82dd735005f55bebc30e nginx-filesystem-1.26.3-2.el10_1.2.noarch.rpm SHA-256: cfbc49b28a9561c39b4d7d6b4a9cb421b7271aef81a27bc3b2f4e72b3992f0ae nginx-mod-http-image-filter-1.26.3-2.el10_1.2.ppc64le.rpm SHA-256: d20212386847f0a4bdd235d8f84873b07a00f19a1df63c580c521ce9727f71c0 nginx-mod-http-image-filter-debuginfo-1.26.3-2.el10_1.2.ppc64le.rpm SHA-256: 2a0db6b5e4b1af6fb0cb1929a8dbec1c227658d96ef86ab822294b8b6e2dac50 nginx-mod-http-perl-1.26.3-2.el10_1.2.ppc64le.rpm SHA-256: e84380d47d07ba507bab99dcc0e0a2fe8e4227933ecb4f996cbe0be048f48c82 nginx-mod-http-perl-debuginfo-1.26.3-2.el10_1.2.ppc64le.rpm SHA-256: 300859b357e290c39e572ed77cacf5ddf431d2c7b7bd86e470623aa0e9dc3e1d nginx-mod-http-xslt-filter-1.26.3-2.el10_1.2.ppc64le.rpm SHA-256: 1051653c361506f508ebeaf586bc714cc5832fb421e10e57ea0afc96426f70b7 nginx-mod-http-xslt-filter-debuginfo-1.26.3-2.el10_1.2.ppc64le.rpm SHA-256: 2c477de0a97b85df963950339ca54240e3b2af55c831de716ae1ddf2982025c9 nginx-mod-mail-1.26.3-2.el10_1.2.ppc64le.rpm SHA-256: 1c0f7d76bd68f894b93c5276211bbd45680d1f555f8315cb07c261e08c95fd99 nginx-mod-mail-debuginfo-1.26.3-2.el10_1.2.ppc64le.rpm SHA-256: 6af30651c6d9f4fea0378bce0aaa1c44b0e33cd72654b888aedc2c5c142c5467 nginx-mod-stream-1.26.3-2.el10_1.2.ppc64le.rpm SHA-256: f579d81ec75aa73a40d2995d23b18a5076efc04f4b6a4a105d40fd2516180d45 nginx-mod-stream-debuginfo-1.26.3-2.el10_1.2.ppc64le.rpm SHA-256: a8083247bf05b98465d0ed882998cebb0fc80e4a48d041ea2adbfe8246f118f8 Red Hat Enterprise Linux for ARM 64 10 SRPM nginx-1.26.3-2.el10_1.2.src.rpm SHA-256: dccfc0b5f2154ff3292ffaf89b712c83f9db6fd97e0f96d58efc0981e2a49b0d aarch64 nginx-1.26.3-2.el10_1.2.aarch64.rpm SHA-256: f19ef66b929df9a1db2bfbf31cdddba838951c021403ecd3004f3a1ba82fadbb nginx-all-modules-1.26.3-2.el10_1.2.noarch.rpm SHA-256: 2d5ea9fc84e13ffd9624b07f8d7fab525f6da78653bb028b1a76f49bb51cdaf1 nginx-core-1.26.3-2.el10_1.2.aarch64.rpm SHA-256: a36d65f97a769a74b5132759723a045005a42490dc9e54fcb92e378cf9494dfe nginx-core-debuginfo-1.26.3-2.el10_1.2.aarch64.rpm SHA-256: cf122765a7bd8d6418488fd3f48b1503881d5a5a2e1cce96a66fcc48f1c2530e nginx-debuginfo-1.26.3-2.el10_1.2.aarch64.rpm SHA-256: cffbf138ebcfdf476f611390589a1dcfcc7f892eee3521cab2c6f77b43748965 nginx-debugsource-1.26.3-2.el10_1.2.aarch64.rpm SHA-256: ba8bbf4f4c79d5dcedc1880390e5849fbe476735e38d6c08f747267d60e10df4 nginx-filesystem-1.26.3-2.el10_1.2.noarch.rpm SHA-256: cfbc49b28a9561c39b4d7d6b4a9cb421b7271aef81a27bc3b2f4e72b3992f0ae nginx-mod-http-image-filter-1.26.3-2.el10_1.2.aarch64.rpm SHA-256: e41874476d357ae9523cfe7a2f96a87e20db1fe2cd9429702d9