AI Security Open Source Hardware Policy Apple

#nginx

Related: #ai-security · 1 #cve-2026-42945 · 1 #depthfirst · 1 #f5 · 1 #heap-overflow · 1 #rce · 1 #security · 1

Stylized illustration of remote code execution attack flow

F5 patched an 18-year-old NGINX bug. Attackers can RCE a third of the web with one crafted request.

F5 disclosed CVE-2026-42945 on May 13 after depthfirst's analyzer found a heap overflow in a 2008 commit. NGINX 1.31.0 ships the patch, every Plus tier needs an upgrade.