New NGINX JavaScript Vulnerability Can Crash Servers and May Allow Code Execution

A newly disclosed NGINX JavaScript vulnerability can let unauthenticated remote attackers crash affected NGINX worker processes and, in specific conditions, execute code. The flaw is tracked as CVE-2026-8711 and affects NGINX JavaScript, also known as njs. The issue does not affect every NGINX installation. It applies to deployments using vulnerable njs versions with a risky […] The post New NGINX JavaScript Vulnerability Can Crash Servers and May Allow Code Execution appeared first on VPN Central.