Tuesday , July 14 2026
nginx-poolslip

“nginx-poolslip” NGINX 0-Day Affects Millions of NGINX Servers To RCE

A security flaw dubbed nginx-poolslip has been revealed in NGINX version 1.31.0, the newest stable version of the most used web server software. The discovery, made by security researcher Vega of the NebSec security team, was announced via X (formerly Twitter) on May 21, 2026, sending shockwaves through the global security community.

Meta’s louisiana data center to exceed 250 billion price tag

Meta announced on Monday that its data center in Richland Parish, Louisiana, will grow to 5 gigawatts of computing power....
Read More
Meta’s louisiana data center to exceed 250 billion price tag

Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Global ransomware attacks stayed very high in the first seven months of 2026. There were 5,064 confirmed victims in 135...
Read More
Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Palo Alto Networks Addresses 13 Vulnerabilities

Palo Alto Networks shared warnings on Wednesday about over twelve security issues in its products. The new warnings include 13 security...
Read More
Palo Alto Networks Addresses 13 Vulnerabilities

Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

A critical flaw with how Dell saves BIOS passwords lets anyone quickly recover these passwords from a flash dump without...
Read More
Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

CoLoCity is proud to launch a new Data Center in Gulshan-2. It is designed to meet the growing demand for...
Read More
CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

Daily Cyber security update for 10. 07. 2026

Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
Daily Cyber security update for 10. 07. 2026

How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

A major AWS attack shows how attackers with AI can connect known cloud strategies to go from first access to...
Read More
How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

Mycelium Framework: First AI-as-a-Service Botnet

A new cybercrime ad is catching attention in the security world. It talks about a botnet that doesn't just get...
Read More
Mycelium Framework: First AI-as-a-Service Botnet

CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

CrowdStrike has shared five new ways to inject prompts, showing the rising danger to AI agents as more organizations use...
Read More
CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

A critical flaw in Google Cloud Platform’s Dialogflow CX lets attackers add harmful code to a company's AI chatbot system....
Read More
Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

Just weeks ago, managers all over the world rushed to fix CVE-2026-42945. This is a serious flaw in NGINX’s ngx_http_rewrite_module with a CVSS v4 score of 9.2.

The flaw put about 5.7 million internet-facing NGINX servers at risk of denial-of-service attacks and conditional RCE. F5 fixed it in NGINX Open Source versions 1.31.0 and 1.30.1, which is the version that nginx-poolslip is aiming for.

New NGINX 0-Day “nginx-poolslip”

nginx-poolslip takes advantage of a mistake in how NGINX manages its memory. This lets attackers who are not logged in run code from a distance and might take over the whole system.

This flaw allows users to get around Address Space Layout Randomization (ASLR), which is a basic memory protection in the operating system meant to stop this type of memory corruption.

The attack surface traces back to an nginx-rift predecessor vulnerability, which affected earlier NGINX versions and was subsequently patched. NebSec’s research shows that the fix for nginx-rift did not solve the main memory pool issue. This means that nginx-poolslip could still appear in the new code.

NGINX runs around 30–40% of all web servers in the world. It is used for busy websites, reverse proxies, load balancers, and API gateways. nginx-poolslip only affects version 1.31.0, so admins quickly deployed the patch. After CVE-2026-42945, organizations that were careful might now face a new, unpatched risk.

CSN says there is no CVE ID given, and there is no official fix from F5/NGINX yet. NebSec will keep the full technical details secret for 30 days. This includes how to bypass ASLR until an official fix comes out.

Mitigations

Until an official patch is released, administrators should take the following interim measures:

Monitor NebSec and F5 security advisories closely for patch availability
Restrict public exposure of NGINX admin interfaces and deploy WAF rules to reduce the attack surface
Ensure ASLR is enforced system-wide by setting /proc/sys/kernel/randomize_va_space to 2Audit NGINX configurations for rewrite, if, and set directives using unnamed PCRE capture groups — a known precondition for pool-level memory corruption
Evaluate memory-safe alternatives such as Cloudflare Pingora for mission-critical infrastructure

Organizations are strongly advised to sign up for F5’s security updates and get ready for emergency patching as a quick fix is expected soon.

Check Also

Tenda

CERT/CC Alerts to Hidden Admin Backdoor in Tenda Router Firmware

Several Tenda firmware versions have a hidden backdoor that lets people gain admin access to …