
Attackers are exploiting critical NGINX vulnerability (CVE-2026-42945)

ID: 8dc8e750-9743-554c-a6bc-2da80f45e433

STIX ID: report--8dc8e750-9743-554c-a6bc-2da80f45e433

Feed Name: Help Net Security

Threat Score: 78/100

Date Published: 2026-05-18

Date Updated: 2026-05-18

Author: Zeljka Zorz


A critical NGINX memory-corruption flaw (CVE-2026-42945, "NGINX Rift") affects NGINX Open Source and NGINX Plus. Crafted HTTP requests that target specific rewrite directive patterns can trigger deterministic heap corruption, which can cause DoS and, under certain conditions (a specific rewrite configuration and disabled ASLR), unauthenticated remote code execution. A public PoC was published, and exploitation was observed shortly after disclosure. F5 has released patches, and vendors (AlmaLinux, Ubuntu, Debian) are shipping updates. Mitigation includes using named regex captures instead of unnamed captures in rewrite rules.
