A critical vulnerability in Nginx allows a remote attacker to exploit it for remote code execution, security restriction bypass, information disclosure, and denial of service. Affected versions are Nginx stable prior to version 1.30.2 and Nginx mainline prior to version 1.31.1. The solution is to apply the fixes provided by the vendor at the specified URL.
A vulnerability was identified in Nginx. A remote attacker could exploit this vulnerability to trigger remote code execution, security restriction bypass, sensitive information disclosure and denial of service condition on the targeted system. Impact Remote Code Execution Security Restriction Bypass Information Disclosure Denial of Service System / Technologies affected Nginx version prior to nginx-1.30.2 stable Nginx version prior to nginx-1.31.1 mainline Solutions Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor: https://nginx.org/2026.html