PatchSiren cyber security CVE debrief
CVE-2026-42946 F5 CVE debrief
A vulnerability exists in the ngx_http_scgi_module and ngx_http_uwsgi_module modules of NGINX that may result in excessive memory allocation or an over-read of data. When scgi_pass or uwsgi_pass is configured, an unauthenticated attacker with man-in-the-middle (MITM) ability to control responses from an upstream server may be able to read the memory of the NGINX worker process or restart it.
- Vendor: F5
- Product: NGINX Plus
- CVSS: HIGH 8.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-05-13
- Original CVE updated: 2026-06-16
- Advisory published: 2026-05-13
- Advisory updated: 2026-06-16
Who should care
Users of NGINX who have configured scgi_pass or uwsgi_pass are potentially affected by this vulnerability.
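To check whether a deployment falls into this group, the following added example (not code from PatchSiren or F5) scans a configuration dump in the shape produced by `nginx -T` for active `scgi_pass` and `uwsgi_pass` directives and notes whether each target is a local unix socket or something that needs review. The function names, the classification labels and the sample configuration are assumptions made for illustration.

```python
import re

# Directive name plus its target; `nginx -T` prints the marker before each file.
DIRECTIVE_RE = re.compile(r"(?:^|[;{}\s])(scgi_pass|uwsgi_pass)\s+([^;\s]+)\s*;")
FILE_MARKER_RE = re.compile(r"^# configuration file (.+):$")

def strip_comment(line):
    # Drop a trailing '#' comment, ignoring '#' inside quoted strings.
    quote = None
    for i, ch in enumerate(line):
        if quote:
            quote = None if ch == quote else quote
        elif ch in "\"'":
            quote = ch
        elif ch == "#":
            return line[:i]
    return line

def classify(target):
    # unix: stays on the host; anything else may cross a network path (review it).
    if target.startswith("$"):
        return "variable"
    bare = re.sub(r"^s?uwsgi://", "", target)
    return "unix-socket" if bare.startswith("unix:") else "network-or-upstream-group"

def find_affected(config_text):
    # Returns (file, line_no, directive, target, kind) for each active use.
    hits, current_file, line_no = [], "<input>", 0
    for raw in config_text.splitlines():
        marker = FILE_MARKER_RE.match(raw)
        if marker:
            current_file, line_no = marker.group(1), 0
            continue
        line_no += 1
        for m in DIRECTIVE_RE.finditer(strip_comment(raw)):
            hits.append((current_file, line_no, m.group(1), m.group(2), classify(m.group(2))))
    return hits

# Constructed sample in the shape of `nginx -T` output (not from the advisory).
SAMPLE = """# configuration file /etc/nginx/conf.d/app.conf:
server {
    location /a { uwsgi_pass unix:/run/app.sock; }
    location /b { scgi_pass 10.0.0.5:4000; }  # remote SCGI
    # location /old { uwsgi_pass 10.0.0.9:3031; }
    location /c { uwsgi_pass suwsgi://backend; }
}
"""
if __name__ == "__main__":
    for hit in find_affected(SAMPLE):
        print(*hit)
```

Any hit means the affected modules are in use; targets reported as `network-or-upstream-group` or `variable` are the ones whose upstream path should be reviewed first.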
Technical summary
The vulnerability exists in the ngx_http_scgi_module and ngx_http_uwsgi_module modules of NGINX. An unauthenticated attacker with MITM ability to control responses from an upstream server may be able to read the memory of the NGINX worker process or restart it.
Defensive priority
HIGH
Recommended defensive actions
- Apply patches or updates provided by the vendor to address the vulnerability.
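- Protect the connection between NGINX and the upstream SCGI or uwsgi servers with secure communication protocols, so that an attacker in a MITM position cannot control upstream responses.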
- Monitor NGINX worker process memory usage and restart the process if necessary.
Evidence notes
The vulnerability has a CVSS score of 8.3 and is considered HIGH severity.
Official resources
- CVE-2026-42946 CVE record (CVE.org)
- CVE-2026-42946 NVD detail (NVD)
- Source item URL (nvd_modified)
- Mitigation or vendor reference (Mitigation, Vendor Advisory)
CVE-2026-42946 was published on 2026-05-13T16:16:50.340Z and modified on 2026-06-16T19:58:09.040Z.