Critical security vulnerability in Nginx UI closed again

Important security updates close multiple vulnerabilities in the web UI for nginx web servers Nginx UI. Attackers can take ...
CSO Online

Critical nginx UI tool vulnerability opens web servers to full compromise

The vulnerability, with a CVSS score of 9.8, relates to the software’s support for Model Context Protocol (MCP) servers, ...
Infosecurity Magazine

Critical Nginx-ui MCP Flaw Actively Exploited in the Wild

A critical authentication bypass in nginx-ui, a widely used open-source web interface for managing nginx servers, has been actively exploited in the wild. The vulnerability, tracked as CVE-2026-33032 ...
The Hacker News

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...
Arabian Post

Nginx-ui breach risk grows under live attacks

The GitHub-linked advisory and NVD record show the CVE was published on March 30, while the NVD page lists nginx-ui versions ...
Dark Reading

Critical MCP Integration Flaw Puts NGINX at Risk

Attackers can abuse the near-maximum severity flaw in nginx-ui to restart, create, modify, and delete NGINX configuration ...