> TritonInfoSec News
Home / Jun 20, 2026 / Story
0
#6 The Hacker News general June 18, 2026 at 17:32 UTC

F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution

By [email protected] (The Hacker News)

AI Summary

F5 patched two critical vulnerabilities in NGINX Open Source, including CVE-2026-42530 (CVSS v4: 9.2), a use-after-free flaw in ngx_http_v3_module exploitable by remote unauthenticated attackers, enabling potential arbitrary code execution. Given NGINX's ubiquity as a web server and reverse proxy across enterprise and cloud environments, these flaws carry broad exposure risk. Organizations should apply F5's security updates immediately.

Read full article → https://thehackernews.com/2026/06/f5-patches-two-c…

Relevance score: 82.0/100

# More from June 20

  1. 1
    CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices The Hacker News
  2. 2
    Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites The Hacker News
  3. 3
    CISA: Splunk Enterprise flaw actively exploited, patch by Sunday BleepingComputer
  4. 4
    Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain The Hacker News
  5. 5
    Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data The Hacker News
  6. 7
    Microsoft Details Windows Clipper Malware Campaign Using USB LNK Worm and Tor-Based C2 The Hacker News
  7. 8
    The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes The Hacker News
  8. 9
    Texas govt data breach exposes over 3 million driver’s licenses BleepingComputer
  9. 10
    Critical Command Execution Vulnerability Patched in Cisco ISE SecurityWeek