NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE
RedSide Security May 17, 2026 CVE 90 views
A critical NGINX vulnerability tracked as CVE-2026-42945 is now being actively exploited in the wild, just days after public disclosure. The flaw allows attackers to crash NGINX worker processes and potentially achieve remote code execution under specific conditions. At the same time, threat actors have also begun weaponizing multiple critical vulnerabilities in openDCIM to deploy PHP web shells and gain remote access to exposed systems.