New Nginx Exploit

A critical heap buffer overflow RCE vulnerability CVE-2026-42945 in NGINX's ngx_http_rewrite_module, present since 2008, was autonomously discovered by depthfirst's AI security analysis system alongside three related CVEs. Unauthenticated RCE via rewrite/set directives affects a massive portion of the web infrastructure.