Hackers Actively Exploit ‘Nginx Rift’ Vulnerability Affecting NGINX, F5 Products

A high-severity heap buffer overflow (CVE-2026-42945, “Nginx Rift”) in NGINX's ngx_http_rewrite_module affects many NGINX and F5-tied products; a public PoC and exploit script were published and within days honeypots observed active exploitation. While the flaw carries an 8.1 CVSS and could enable RCE under weakened defenses (ASLR disabled), current real-world activity is reported primarily as reliable denial-of-service against worker processes; vendors and distributors have released patches and configuration mitigations (use named captures) to reduce exposure.