Morning Overview on MSN

An 18-year-old heap buffer overflow in NGINX gives attackers remote code execution — billions of devices run the affected module

A single rewrite rule, the kind pasted into NGINX configurations thousands of times a day, can hand an unauthenticated ...
Security Boulevard

CVE-2026-42945: Imperva Customers Protected Against Critical NGINX Rewrite Module Vulnerability

TL;DR: Researchers recently disclosed CVE-2026-42945, a critical heap-based buffer overflow vulnerability affecting both NGINX Open Source and NGINX Plus. The flaw exists within the ...
SecurityWeek

Exploitation of Critical NGINX Vulnerability Begins

Threat actors are exploiting CVE-2026-42945, a critical NGINX vulnerability that leads to remote code execution if ASLR is ...
SecurityWeek

Chrome 148 Update Patches Critical Vulnerabilities

Google has released a Chrome 148 update that resolves 79 vulnerabilities, including 14 critical-severity security defects.
Threat Post

PHP Patches Buffer Overflow Vulnerabilities

Developers at PHP recently patched a bug that can lead to a heap-based buffer overflow. UPDATE Developers at PHP recently pushed out a series of patches to fix a handful of vulnerabilities, including ...