CVE-2026-42945: NGINX Rewrite Heap Overflow Enables Remote DoS & Potential RCE

**CVE-2026-42945 (CVSSv3 8.1)** is a remotely reachable heap-based buffer overflow in NGINX's rewrite module (ngx_http_rewrite_module) that can cause worker crashes (Denial of Service) and — in some environments, especially with ASLR disabled — potential unauthenticated RCE; it affects NGINX Open Source versions 0.6.27 through 1.30.0 with fixes in 1.30.1+ (and NGINX Plus R32 P6 / R36 P4). The advisory explains the specific rewrite-pattern trigger (unnamed PCRE captures with a question mark in the replacement and chained directives), the mismatch in size vs write passes that leads to overflow, notes a public PoC demonstrating RCE with ASLR disabled, and recommends immediate patching or removing/refactoring risky rewrite rules if patching is delayed.