無料スキャン
HIGHCVE-2026-42945CVSS 8.1

CVE-2026-42945: Heap Overflow in NGINX Plus/Open Source

プラットフォーム

nginx

コンポーネント

ngx_http_rewrite_module

修正版

R36 P4

NVDで見る
保存
あなたの言語に翻訳中…

A vulnerability has been identified in NGINX Plus and NGINX Open Source affecting the ngxhttprewrite_module module. This flaw stems from improper handling of PCRE capture groups within rewrite directives, specifically when a question mark (?) is used in the replacement string. Successful exploitation can lead to a heap buffer overflow, potentially causing the NGINX worker process to restart, disrupting service availability. Affected versions include those prior to R36 P4, with a fix available in R36 P4.

影響と攻撃シナリオ翻訳中…

The primary impact of CVE-2026-42945 is a denial-of-service (DoS) condition. An unauthenticated attacker, under specific conditions, can craft malicious HTTP requests that trigger a heap buffer overflow within the NGINX worker process. This overflow results in the process restarting, leading to service interruption and potential data loss if the application relies on the NGINX worker. While the vulnerability doesn't directly lead to remote code execution, the process restart can be disruptive and may be leveraged as part of a broader attack chain to destabilize a system. The blast radius extends to any service relying on the affected NGINX instance.

悪用の状況翻訳中…

CVE-2026-42945 was published on May 13, 2026. Its severity is rated HIGH with a CVSS score of 8.1. Currently, there are no publicly available exploits or active campaigns targeting this vulnerability. It is not listed on CISA KEV or EPSS, indicating a low to medium probability of exploitation in the near term. Monitor security advisories and threat intelligence feeds for any changes in this assessment.

脅威インテリジェンス

エクスプロイト状況

概念実証不明
CISA KEVNO
インターネット露出
レポート18 件の脅威レポート

CISA SSVC

悪用状況none
自動化可能no
技術的影響total

CVSS ベクトル

脅威インテリジェンス· CVSS 3.1CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H8.1HIGHAttack VectorNetwork攻撃者がターゲットに到達する方法Attack ComplexityHigh悪用に必要な条件Privileges RequiredNone攻撃に必要な認証レベルUser InteractionNone被害者の操作が必要かどうかScopeUnchanged影響コンポーネント外への波及ConfidentialityHigh機密データ漏洩のリスクIntegrityHigh不正データ改ざんのリスクAvailabilityHighサービス障害のリスクnextguardhq.com · CVSS v3.1 基本スコア
これらのメトリクスの意味は?
Attack Vector
ネットワーク — インターネット経由でリモートから悪用可能。物理・ローカルアクセス不要。
Attack Complexity
高 — 競合条件、非標準設定、または特定の状況が必要。悪用が難しい。
Privileges Required
なし — 認証不要。資格情報なしで悪用可能。
User Interaction
なし — 自動かつ無音の攻撃。被害者は何もしない。
Scope
変化なし — 影響は脆弱なコンポーネントのみ。
Confidentiality
高 — 機密性の完全喪失。全データが読み取り可能。
Integrity
高 — 任意のデータの書き込み・変更・削除が可能。
Availability
高 — 完全なクラッシュまたはリソース枯渇。完全なサービス拒否。

影響を受けるソフトウェア

コンポーネントngx_http_rewrite_module
ベンダーF5
最大バージョンR36 P4
修正版R36 P4

弱点分類 (CWE)

CWE-122

タイムライン

  1. 予約済み
  2. 公開日
  3. 更新日

緩和策と回避策翻訳中…

The recommended mitigation for CVE-2026-42945 is to upgrade to NGINX Plus or NGINX Open Source version R36 P4 or later, which includes the fix. If immediate upgrading is not possible, consider implementing temporary workarounds. Carefully review all rewrite, if, and set directives within your NGINX configuration, paying close attention to those utilizing PCRE capture groups with question marks in replacement strings. Removing or modifying these directives can prevent exploitation. WAF rules can be configured to filter requests containing suspicious patterns, but this is not a substitute for patching. Monitor NGINX logs for unusual activity or frequent process restarts, which could indicate exploitation attempts. After upgrading, confirm the fix by sending a crafted HTTP request designed to trigger the vulnerability and verifying that the worker process does not restart.

修正方法翻訳中…

Actualice NGINX Plus a la versión R36 P4 o superior, NGINX Open Source a la versión 1.31.1 o superior, o a las versiones especificadas en el aviso de seguridad para mitigar el riesgo de desbordamiento del búfer de la pila y posible ejecución de código.

よくある質問翻訳中…

What is CVE-2026-42945 — Heap Overflow in NGINX Plus/Open Source?

CVE-2026-42945 is a HIGH severity vulnerability in NGINX Plus and Open Source's rewrite module. Crafted HTTP requests can trigger a heap buffer overflow, leading to a worker process restart and potential service disruption. It affects versions ≤R36 P4.

Am I affected by CVE-2026-42945 in NGINX Plus/Open Source?

If you are running NGINX Plus or Open Source versions prior to R36 P4 and utilize rewrite directives with PCRE capture groups and question marks, you are potentially affected. Check your version and configuration immediately.

How do I fix CVE-2026-42945 in NGINX Plus/Open Source?

Upgrade to NGINX Plus or Open Source version R36 P4 or later. As a temporary workaround, review and modify your NGINX configuration to remove or alter vulnerable rewrite directives.

Is CVE-2026-42945 being actively exploited?

Currently, there are no publicly known active exploits or campaigns targeting CVE-2026-42945. However, it's crucial to apply the fix or implement workarounds to mitigate potential risk.

Where can I find the official NGINX advisory for CVE-2026-42945?

Refer to the official NGINX security advisory for detailed information and updates: [https://nginx.com/security/advisories/](https://nginx.com/security/advisories/)

あなたのプロジェクトは影響を受けていますか?

依存関係ファイルをアップロードすれば、このCVEや他のCVEがあなたに影響するか即座にわかります。

無料スキャンCVEを検索
稼働中無料スキャン

今すぐ試す — アカウント不要

任意のマニフェスト(composer.lock、package-lock.json、WordPressプラグインリストなど)をアップロードするか、コンポーネントリストを貼り付けてください。脆弱性レポートを即座に入手できます。ファイルのアップロードはほんの始まりです。アカウントがあれば、継続的なモニタリング、Slack/メールアラート、マルチプロジェクト、ホワイトラベルレポートが使用できます。

手動スキャンSlack/メールアラートContinuous monitoringホワイトラベルレポート

依存関係ファイルをドラッグ&ドロップ

composer.lock、package-lock.json、requirements.txt、Gemfile.lock、pubspec.lock、Dockerfile...