May 142026 18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE NGINX Rift CVE-2026–42945 scores 9.2 after 18 years, enabling unauthenticated RCE or DoS via crafted HTTP requests.
