CVE-2026-40575 - OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions 7.5.0

CVE-2026-34403 - Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.5, all WebSocket end

CVE-2026-33031 - Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, a user who was di

CVE-2026-40487 - Postiz is an AI social media scheduling tool. Prior to version 2.21.6, a file upload validation bypa

CVE-2026-34457 - OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions prior

CVE-2026-5501 - wolfSSL_X509_verify_cert in the OpenSSL compatibility layer accepts a certificate chain in which the

CVE-2026-31842 - Tinyproxy through 1.11.3 is vulnerable to HTTP request parsing desynchronization due to a case-sensi

CVE-2026-34759 - OneUptime is an open-source monitoring and observability platform. Prior to version 10.0.42, multipl

CVE-2026-34830 - Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Send

CVE-2026-33026 - Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, the nginx-ui back

CVE-2026-33032 - Nginx UI is a web user interface for the Nginx web server. In versions 2.3.5 and prior, the nginx-ui

CVE-2026-33030 - Nginx UI is a web user interface for the Nginx web server. In versions 2.3.3 and prior, Nginx-UI con

CVE-2026-33029 - Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, an input validati

CVE-2026-33028 - Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, the nginx-ui appl

CVE-2026-33027 - Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, the nginx-ui conf

CVE-2026-32647 - NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module module, which might

CVE-2026-28755 - NGINX Plus and NGINX Open Source have a vulnerability in the ngx_stream_ssl_module module due to the

CVE-2026-28753 - NGINX Plus and NGINX Open Source have a vulnerability in the ngx_mail_smtp_module module due to the

CVE-2026-27784 - The 32-bit implementation of NGINX Open Source has a vulnerability in the ngx_http_mp4_module module

CVE-2026-27654 - NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might a

CVE-2026-27651 - When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open Source, undisclosed

CVE-2026-4342 - A security issue was discovered in ingress-nginx where a combination of Ingress annotations can be u

CVE-2026-3229 - An integer overflow vulnerability existed in the static function wolfssl_add_to_chain, that caused h

CVE-2026-3288 - A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/rewrite-targ

CVE-2026-27944 - Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.3, the /api/backup e

CVE-2026-25739 - Indico is an event management system that uses Flask-Multipass, a multi-backend authentication syste

CVE-2026-2145 - A vulnerability was identified in cym1102 nginxWebUI up to 4.3.7. The impacted element is an unknown

CVE-2025-15566 - A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/auth-proxy-s

CVE-2026-1642 - A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport La

CVE-2026-24514 - A security issue was discovered in ingress-nginx where the validating admission controller feature i

CVE-2026-24513 - A security issue was discovered in ingress-nginx where the protection afforded by the `auth-url` Ing

CVE-2026-24512 - A security issue was discovered in ingress-nginx where the `rules.http.paths.path` Ingress field can

CVE-2026-1580 - A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/auth-method`

CVE-2026-1616 - The $uri$args concatenation in nginx configuration file present in Open Security Issue Management (O