NGINX Poolslip Vulnerability Can Crash Workers and May Enable Code Execution

NGINX administrators should patch a newly disclosed rewrite module vulnerability tracked as CVE-2026-9256. The issue, also being called nginx-poolslip, affects NGINX Open Source and NGINX Plus configurations that use overlapping PCRE captures in certain rewrite rules. The NGINX security advisory page lists the flaw as a buffer overflow in ngx_http_rewrite_module. The project says NGINX Open […]

The post NGINX Poolslip Vulnerability Can Crash Workers and May Enable Code Execution appeared first on VPN Central.