CVE-2026-42946
NGINX ngx_http_scgi_module and ngx_http_uwsgi_module vulnerability
In short
NGINX's SCGI and uWSGI modules have a flaw that lets an attacker positioned between NGINX and its backend server read worker-process memory or crash NGINX by sending crafted upstream responses. It affects servers that route requests through these modules (scgi_pass or uwsgi_pass) over a connection the attacker is able to intercept.
Technical detail
The vulnerability exists in ngx_http_scgi_module and ngx_http_uwsgi_module, allowing an unauthenticated MITM attacker to trigger excessive memory allocation (CWE-789) or out-of-bounds reads (CWE-823) via crafted upstream responses when scgi_pass or uwsgi_pass directives are configured. Successful exploitation can lead to information disclosure from worker process memory or denial of service through process restart.
Summary generated and translated by AI from the official description.
A vulnerability exists in the ngx_http_scgi_module and ngx_http_uwsgi_module modules that may result in excessive memory allocation or an over-read of data. When scgi_pass or uwsgi_pass is configured, an unauthenticated attacker with man-in-the-middle (MITM) ability to control responses from an upstream server may be able to read the memory of the NGINX worker process or restart it. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N
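As an added defender-side check (example code, not from the advisory or from NGINX), the script below scans an nginx configuration for scgi_pass and uwsgi_pass directives and flags those whose upstream path leaves the host, since a unix socket or loopback address gives a network-positioned attacker no place to interpose. SAMPLE_CONF, the function names and the classification labels are this example's own assumptions.

```python
import ipaddress
import re

PASS_RE = re.compile(r"\b(scgi_pass|uwsgi_pass)\s+([^;]+);")
UPSTREAM_RE = re.compile(r"\bupstream\s+(\S+)\s*\{([^}]*)\}")
SERVER_RE = re.compile(r"\bserver\s+([^\s;]+)")

# Constructed sample configuration for this example, not from any real deployment.
SAMPLE_CONF = """upstream app_pool { server 10.0.0.5:3031; server 10.0.0.6:3031; }
server {
    location /a { uwsgi_pass unix:/run/uwsgi/app.sock; }   # same host, no network path
    location /b { scgi_pass 127.0.0.1:4000; }              # loopback only
    location /c { uwsgi_pass app_pool; }                   # crosses the network
    location /d { scgi_pass legacy.internal:4000; }        # crosses the network
}
"""

def classify_target(target: str) -> str:
    """Classify one *_pass or server address: unix, loopback, network, dynamic or group."""
    target = target.strip()
    if target.startswith("unix:"):
        return "unix"
    if "$" in target:
        return "dynamic"  # resolved per request; cannot be judged statically
    host, sep, _port = target.rpartition(":")
    host = (host if sep else target).strip("[]")  # "[::1]:4000" -> "::1"
    if host == "localhost":
        return "loopback"
    try:
        return "loopback" if ipaddress.ip_address(host).is_loopback else "network"
    except ValueError:
        return "network" if sep else "group"  # hostname:port vs. bare upstream group name

def audit(config: str) -> list:
    """Return (directive, target, kind) for each scgi_pass/uwsgi_pass, resolving upstream groups."""
    config = re.sub(r"#.*", "", config)  # drop comments so commented-out directives are ignored
    groups = {name: SERVER_RE.findall(body) for name, body in UPSTREAM_RE.findall(config)}
    findings = []
    for directive, target in PASS_RE.findall(config):
        target, kind = target.strip(), classify_target(target)
        if kind == "group":
            kinds = {classify_target(s) for s in groups.get(target, [])}
            # any network member (or an undefined group) makes the whole group exposed
            kind = "network" if "network" in kinds or not kinds else "local"
        findings.append((directive, target, kind))
    return findings

def exposed(config: str) -> list:
    """Directives whose upstream path leaves the host, i.e. where the MITM position exists."""
    return [f for f in audit(config) if f[2] == "network"]
```

Run `exposed(SAMPLE_CONF)` to list the two directives a network attacker could sit behind; on a real host, feed it the concatenated output of `nginx -T`.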