Critical NGINX Vulnerability CVE-2026-42945 Exposes Servers to Remote Code Execution

**Critical NGINX Vulnerability (CVE-2026-42945) enables unauthenticated remote code execution via a heap-based buffer overflow in ngx_http_rewrite_module when certain unnamed PCRE captures and replacement strings are used; a PoC was published on 2026-05-13.** Immediate remediation is to upgrade to fixed NGINX releases or modify rewrite/if/set directives to avoid the vulnerable pattern.