The Hacker News

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...
Dark Reading

Critical MCP Integration Flaw Puts NGINX at Risk

Attackers can abuse the near-maximum severity flaw in nginx-ui to restart, create, modify, and delete NGINX configuration ...
SecurityWeek

Exploited Vulnerability Exposes Nginx Servers to Hacking

A critical Nginx UI vulnerability that allows attackers to take full control of servers has been exploited in the wild.

Critical Nginx UI auth bypass flaw now actively exploited in the wild

A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full ...
CSO Online

Critical nginx UI tool vulnerability opens web servers to full compromise

The vulnerability, with a CVSS score of 9.8, relates to the software’s support for Model Context Protocol (MCP) servers, ...
Cyber Daily

Update now: Active exploitation of Nginx UI vulnerability CVE-2026-33032 underway

“CVE-2026-33032 is a missing authentication bug with a CVSS score of 9.8; as a result of missing authentication controls, an ...
Infosecurity Magazine

Critical Nginx-ui MCP Flaw Actively Exploited in the Wild

A critical authentication bypass in nginx-ui, a widely used open-source web interface for managing nginx servers, has been ...
Business Wire

F5 Launches NGINX One, Simplifies App Security and Delivery for Dev, Ops, and Platform Teams

Provides enterprise-grade security, availability, observability, and scalability of modern apps and APIs Optimizes performance across diverse data center, cloud, and edge environments Unifies NGINX ...
TechRepublic

5 tips for better NGINX security that any admin can handle

Our server information for all to see. 5 tips for better NGINX security that any admin can handle Your email has been sent If you're about to deploy an NGINX server, you might want to take a few steps ...