IOC Radar
TLP:WHITE1 IOC

CVE-2026-42945: 18-Year-Old NGINX Rewrite Flaw May Enable Unauthenticated RCE

SP
SOC Prime
Published May 14, 2026Original Report

Diamond Model

Attack Flow4 steps · MITRE ATT&CK mapped

Initial AccessTA0001·T1190
1/4
Exploit Public-Facing Application
ActionExploit NGINX rewrite vulnerability
An unauthenticated attacker sends crafted HTTP requests to exploit a heap buffer overflow in the NGINX rewrite module.

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise

Indicators of Compromise1

TypeIndicatorConfidenceScoreFirst Seen
CVECVE-2026-42945
exploitintel-blogmalware
High
59
Jun 2, 26

IOC Relationship Graph

IOC Relationship Graph1 total IOCs
CVE
CVE1REPORTCVE-2026-42945: 18-Year-Ol
scroll to zoom · drag to pan · click IOC to open