The Hacker News · Jun 18, 2026 17:32 UTC

F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution

Summary

F5 has released security updates to address two critical security flaws in NGINX Open Source that could be exploited to achieve code execution on affected systems. The vulnerabilities are listed below - CVE-2026-42530 (CVSS v4 score: 9.2) - A use-after-free vulnerability in the ngx_http_v3_module that could be triggered by a remote unauthenticated attacker when NGINX Open Source is

Original reporting

Open original source

Related coverage

Read full article on The Hacker News

F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution

Original reporting

Related coverage

Copilot searched your mailbox. LiteLLM handed out admin keys. Run this 5-check audit before your stack is next

FIFA Bug Exposes World Cup Streams to Remote Takeover

New AI optimization framework beats Claude Code and Codex by 2.5x on the same compute budget