Home
Our Services
Free resources
- Privacy Research
  Free to use data privacy research
  Key Capabilities
  Latest privacy news tracking
  Product versions
  Latest privacy news tracking
  Track the latest news, breaches and fines
  Key features
  Tracks the latest breaches and fines
  View by industry
  View by breach method
  View by privacy topic
  Links to original articles
  Free to use
  
  Learn more »
  Latest Threat Intelligence
  Product versions
  Latest Threat Intelligence
  Track the Common Vulnerability Exposures (CVEs)
  Key features
  Tracks the latest vulnerabilities
  View by company
  View by breach method
  Links to NVD
  Free to use
  
  Learn more »
  Breach modelling and ROI calculator
  Product versions
  Breach modelling and ROI calculator
  Model what a breach would look like for you in your industry and use this to calculate your return on investment
  Key features
  Model your breach
  Assess the severity
  Compare by industry
  Breakdown costs
  Export to your business plan
  Free to use
  
  Learn more »
Privacy news
Company
- About Us
- FAQ
- Contact Us

18YearOld NGINX Rewrite Module Flaw Enables Unauthenticated RCE

Name: Proteus-Cyber Ltd
Address: 20-22 Wenlock Road, London, London, N1 7GU, United Kingdom
Telephone: 0208 123 7708
Price range: Competitive

Cybersecurity researchers have disclosed multiple security vulnerabilities impacting NGINX Plus and NGINX Open including a critical flaw that remained undetected for 18 years The vulnerability discovered by depthfirst is a heap buffer overflow issue impacting ngxhttprewritemodule CVE202642945 CVSS v4 score 92 that could allow an attacker to achieve remote code execution or cause a

Read the original article 14 May 2026

Key Capabilities

Latest privacy news tracking

Latest Threat Intelligence

Breach modelling and ROI calculator

18YearOld NGINX Rewrite Module Flaw Enables Unauthenticated RCE