Post #18448

📰 Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover A recently disclosed critical security flaw impacting nginx-ui, an open-source, web-based Nginx management tool, has come under active exploitation in the wild.The vulnerability in question is CVE-2026-33032 (CVSS score: 9.8), an authentication bypass vulnerability that enables threat actors to seize control of the Nginx service. It has been codenamed MCPwn by Pluto Security.". 🔗 Source: https://thehackernews.com/2026/04/critical-nginx-ui-vulnerability-cve.html #nginx#opensource#security