TGTGInsighttelegram intelligenceLIVE / telegram public index
← The Hacker News
View original
The Hacker News avatar

TGINSIGHT POST

Post #8807

@thehackernews

The Hacker News

Views9,720Post view count
PostedApr 1504/15/2026, 01:02 PM
Post content

Post content

🚨 A critical nginx-ui flaw is now exploited in the wild. CVE-2026-33032 (9.8) allows auth bypass via the /mcp_message endpoint, letting attackers take full control of Nginx with two HTTP requests due to an “allow-all” default. 🔗 Details here → https://thehackernews.com/2026/04/critical-nginx-ui-vulnerability-cve.html