CVE-2026-42946

Name of the Vulnerable Software and Affected Versions NGINX (affected versions not specified)

Description An issue in the ngx http scgi module and ngx http uwsgi module modules can lead to excessive memory allocation or an over-read of data. When scgi pass or uwsgi pass is configured, an unauthenticated attacker with man-in-the-middle (MITM) capabilities—the ability to intercept and alter communications between two parties—who controls responses from an upstream server may read the memory of the NGINX worker process or cause it to restart.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.