Cve-2026-33032
1 posts

Nginx-UI MCPwn (CVE-2026-33032): Full Server Takeover With One Unauthenticated Request
A critical vulnerability in nginx-ui has been actively exploited since March 2026, and it gives any attacker on the network full control over the nginx server …