<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the 10 most recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sat, 04 Jul 2026 03:02:07 +0000</lastBuildDate>
    <item>
      <title>8d72d3c2-1ad4-4356-8387-9dbdf6942bdd</title>
      <link>https://vulnerability.circl.lu/sighting/8d72d3c2-1ad4-4356-8387-9dbdf6942bdd/export</link>
      <description>{"uuid": "8d72d3c2-1ad4-4356-8387-9dbdf6942bdd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42224", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlgzlgsxhl2k", "content": "\ud83d\udfe0 CVE-2026-42224 - High (7.6)\n\nipl/web is a set of common web components for php projects. Prior to version 0.13.1, the vulnerab...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42224/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-09T19:54:49.947524Z"}</description>
      <content:encoded>{"uuid": "8d72d3c2-1ad4-4356-8387-9dbdf6942bdd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42224", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlgzlgsxhl2k", "content": "\ud83d\udfe0 CVE-2026-42224 - High (7.6)\n\nipl/web is a set of common web components for php projects. Prior to version 0.13.1, the vulnerab...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42224/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-09T19:54:49.947524Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/8d72d3c2-1ad4-4356-8387-9dbdf6942bdd/export</guid>
      <pubDate>Sat, 09 May 2026 19:54:49 +0000</pubDate>
    </item>
    <item>
      <title>a1aa958c-d130-4124-be88-3de226dd3458</title>
      <link>https://vulnerability.circl.lu/sighting/a1aa958c-d130-4124-be88-3de226dd3458/export</link>
      <description>{"uuid": "a1aa958c-d130-4124-be88-3de226dd3458", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42221", "type": "seen", "source": "https://t.me/bdufstecru/3142", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 Nginx UI \u0441\u0435\u0440\u0432\u0435\u0440\u0430 nginx \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0438\u0437\u043c\u0435\u043d\u044f\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435\n\nBDU:2026-06343\nCVE-2026-42221\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://github.com/0xJacky/nginx-ui/security/advisories/GHSA-h27v-ph7w-m9fp", "creation_timestamp": "2026-05-08T13:55:55.000000Z"}</description>
      <content:encoded>{"uuid": "a1aa958c-d130-4124-be88-3de226dd3458", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42221", "type": "seen", "source": "https://t.me/bdufstecru/3142", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 Nginx UI \u0441\u0435\u0440\u0432\u0435\u0440\u0430 nginx \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0438\u0437\u043c\u0435\u043d\u044f\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435\n\nBDU:2026-06343\nCVE-2026-42221\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://github.com/0xJacky/nginx-ui/security/advisories/GHSA-h27v-ph7w-m9fp", "creation_timestamp": "2026-05-08T13:55:55.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a1aa958c-d130-4124-be88-3de226dd3458/export</guid>
      <pubDate>Fri, 08 May 2026 13:55:55 +0000</pubDate>
    </item>
    <item>
      <title>595979e7-b845-439c-96a1-92833055f42f</title>
      <link>https://vulnerability.circl.lu/sighting/595979e7-b845-439c-96a1-92833055f42f/export</link>
      <description>{"uuid": "595979e7-b845-439c-96a1-92833055f42f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42225", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlccz54qx72k", "content": "CVE-2026-42225 - GnuTLS backend silently skips certificate chain verification when verify_peer is false\nCVE ID : CVE-2026-42225\n \n Published : May 7, 2026, 8:16 p.m. | 2\u00a0hours, 4\u00a0minutes ago\n \n Description : PJSIP is a free and open source multimedia communication library writ...", "creation_timestamp": "2026-05-07T23:00:14.120411Z"}</description>
      <content:encoded>{"uuid": "595979e7-b845-439c-96a1-92833055f42f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42225", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlccz54qx72k", "content": "CVE-2026-42225 - GnuTLS backend silently skips certificate chain verification when verify_peer is false\nCVE ID : CVE-2026-42225\n \n Published : May 7, 2026, 8:16 p.m. | 2\u00a0hours, 4\u00a0minutes ago\n \n Description : PJSIP is a free and open source multimedia communication library writ...", "creation_timestamp": "2026-05-07T23:00:14.120411Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/595979e7-b845-439c-96a1-92833055f42f/export</guid>
      <pubDate>Thu, 07 May 2026 23:00:14 +0000</pubDate>
    </item>
    <item>
      <title>57d99cbe-1e80-4766-98d8-60b818f6d0cf</title>
      <link>https://vulnerability.circl.lu/sighting/57d99cbe-1e80-4766-98d8-60b818f6d0cf/export</link>
      <description>{"uuid": "57d99cbe-1e80-4766-98d8-60b818f6d0cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42228", "type": "seen", "source": "https://t.me/GithubRedTeam/83142", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-42228\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a rudSarkar\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-07 00:59:35\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n\u65e0\u63cf\u8ff0\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-07T01:00:04.000000Z"}</description>
      <content:encoded>{"uuid": "57d99cbe-1e80-4766-98d8-60b818f6d0cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42228", "type": "seen", "source": "https://t.me/GithubRedTeam/83142", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-42228\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a rudSarkar\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-07 00:59:35\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n\u65e0\u63cf\u8ff0\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-07T01:00:04.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/57d99cbe-1e80-4766-98d8-60b818f6d0cf/export</guid>
      <pubDate>Thu, 07 May 2026 01:00:04 +0000</pubDate>
    </item>
    <item>
      <title>f64f5691-7186-40a1-a603-83b3aba27cd1</title>
      <link>https://vulnerability.circl.lu/sighting/f64f5691-7186-40a1-a603-83b3aba27cd1/export</link>
      <description>{"uuid": "f64f5691-7186-40a1-a603-83b3aba27cd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42222", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3ml7kkc2wue2v", "content": "\ud83d\udccc CVE-2026-42222 - Nginx UI is a web user interface for the Nginx web server. In version 2.3.5, an unauthenticated bootstrap takeover exists in nginx-ui during the initi... https://www.cyberhub.blog/cves/CVE-2026-42222", "creation_timestamp": "2026-05-06T20:37:06.658726Z"}</description>
      <content:encoded>{"uuid": "f64f5691-7186-40a1-a603-83b3aba27cd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42222", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3ml7kkc2wue2v", "content": "\ud83d\udccc CVE-2026-42222 - Nginx UI is a web user interface for the Nginx web server. In version 2.3.5, an unauthenticated bootstrap takeover exists in nginx-ui during the initi... https://www.cyberhub.blog/cves/CVE-2026-42222", "creation_timestamp": "2026-05-06T20:37:06.658726Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/f64f5691-7186-40a1-a603-83b3aba27cd1/export</guid>
      <pubDate>Wed, 06 May 2026 20:37:06 +0000</pubDate>
    </item>
    <item>
      <title>e4ab0392-5925-407a-9f1d-cc96863c38e6</title>
      <link>https://vulnerability.circl.lu/sighting/e4ab0392-5925-407a-9f1d-cc96863c38e6/export</link>
      <description>{"uuid": "e4ab0392-5925-407a-9f1d-cc96863c38e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42221", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3ml7c63tf662q", "content": "\ud83d\udccc CVE-2026-42221 - Nginx UI is a web user interface for the Nginx web server. From version 2.0.0 to before version 2.3.8, an unauthenticated network attacker can claim t... https://www.cyberhub.blog/cves/CVE-2026-42221", "creation_timestamp": "2026-05-06T18:07:08.426361Z"}</description>
      <content:encoded>{"uuid": "e4ab0392-5925-407a-9f1d-cc96863c38e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42221", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3ml7c63tf662q", "content": "\ud83d\udccc CVE-2026-42221 - Nginx UI is a web user interface for the Nginx web server. From version 2.0.0 to before version 2.3.8, an unauthenticated network attacker can claim t... https://www.cyberhub.blog/cves/CVE-2026-42221", "creation_timestamp": "2026-05-06T18:07:08.426361Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e4ab0392-5925-407a-9f1d-cc96863c38e6/export</guid>
      <pubDate>Wed, 06 May 2026 18:07:08 +0000</pubDate>
    </item>
    <item>
      <title>0107f002-98ed-4ea4-9256-cabf6f30a18e</title>
      <link>https://vulnerability.circl.lu/sighting/0107f002-98ed-4ea4-9256-cabf6f30a18e/export</link>
      <description>{"uuid": "0107f002-98ed-4ea4-9256-cabf6f30a18e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42223", "type": "seen", "source": "https://gist.github.com/alon710/8f2a8c09229ab2a61f27e4872d065fac", "content": "# CVE-2026-42223: CVE-2026-42223: Authenticated Sensitive Information Disclosure in Nginx UI\n\n&amp;gt; **CVSS Score:** 6.5\n&amp;gt; **Published:** 2026-05-06\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-42223\n\n## Summary\nNginx UI versions prior to 2.3.8 suffer from an asymmetric security control enforcement vulnerability. Go's standard JSON marshaler ignores custom struct tags meant to protect sensitive configuration fields, leading to the exposure of JWT secrets, node secrets, and OIDC client credentials to any authenticated user. This allows privilege escalation to full administrator.\n\n## TL;DR\nAny authenticated user can retrieve administrative secrets (including the JWT signing key) due to flawed struct serialization, enabling total application compromise and privilege escalation.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-200\n- **Attack Vector**: Network\n- **CVSS Score**: 6.5\n- **EPSS Score**: 0.00031\n- **Impact**: Privilege Escalation / Information Disclosure\n- **Exploit Status**: Proof of Concept\n- **CISA KEV**: No\n\n## Affected Systems\n\n- Nginx UI backend API\n- Nginx UI Cluster Architecture\n- **Nginx UI**: &amp;lt; 2.3.8 (Fixed in: `2.3.8`)\n\n## Mitigation\n\n- Upgrade Nginx UI to version 2.3.8 or later.\n- Rotate all exposed secrets including JWT keys, Node secrets, OIDC Client Secrets, and third-party API tokens.\n- Monitor access logs for unauthorized access to the /api/settings endpoint.\n\n**Remediation Steps:**\n1. Download the latest Nginx UI release (v2.3.8).\n2. Stop the Nginx UI service.\n3. Replace the application binary with the updated version.\n4. 
Restart the Nginx UI service.\n5. Access the Nginx UI administrative panel and generate a new JWT signing secret.\n6. Navigate to the cluster configuration and rotate the node secrets across all instances.\n7. Update any external OAuth/OIDC providers with newly generated client secrets.\n\n## References\n\n- [GitHub Security Advisory GHSA-q4w7-56hr-83rm](https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-q4w7-56hr-83rm)\n- [NVD Record for CVE-2026-42223](https://nvd.nist.gov/vuln/detail/CVE-2026-42223)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-42223) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-05-06T17:10:29.000000Z"}</description>
      <content:encoded>{"uuid": "0107f002-98ed-4ea4-9256-cabf6f30a18e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42223", "type": "seen", "source": "https://gist.github.com/alon710/8f2a8c09229ab2a61f27e4872d065fac", "content": "# CVE-2026-42223: CVE-2026-42223: Authenticated Sensitive Information Disclosure in Nginx UI\n\n&amp;gt; **CVSS Score:** 6.5\n&amp;gt; **Published:** 2026-05-06\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-42223\n\n## Summary\nNginx UI versions prior to 2.3.8 suffer from an asymmetric security control enforcement vulnerability. Go's standard JSON marshaler ignores custom struct tags meant to protect sensitive configuration fields, leading to the exposure of JWT secrets, node secrets, and OIDC client credentials to any authenticated user. This allows privilege escalation to full administrator.\n\n## TL;DR\nAny authenticated user can retrieve administrative secrets (including the JWT signing key) due to flawed struct serialization, enabling total application compromise and privilege escalation.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-200\n- **Attack Vector**: Network\n- **CVSS Score**: 6.5\n- **EPSS Score**: 0.00031\n- **Impact**: Privilege Escalation / Information Disclosure\n- **Exploit Status**: Proof of Concept\n- **CISA KEV**: No\n\n## Affected Systems\n\n- Nginx UI backend API\n- Nginx UI Cluster Architecture\n- **Nginx UI**: &amp;lt; 2.3.8 (Fixed in: `2.3.8`)\n\n## Mitigation\n\n- Upgrade Nginx UI to version 2.3.8 or later.\n- Rotate all exposed secrets including JWT keys, Node secrets, OIDC Client Secrets, and third-party API tokens.\n- Monitor access logs for unauthorized access to the /api/settings endpoint.\n\n**Remediation Steps:**\n1. Download the latest Nginx UI release (v2.3.8).\n2. Stop the Nginx UI service.\n3. Replace the application binary with the updated version.\n4. 
Restart the Nginx UI service.\n5. Access the Nginx UI administrative panel and generate a new JWT signing secret.\n6. Navigate to the cluster configuration and rotate the node secrets across all instances.\n7. Update any external OAuth/OIDC providers with newly generated client secrets.\n\n## References\n\n- [GitHub Security Advisory GHSA-q4w7-56hr-83rm](https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-q4w7-56hr-83rm)\n- [NVD Record for CVE-2026-42223](https://nvd.nist.gov/vuln/detail/CVE-2026-42223)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-42223) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-05-06T17:10:29.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/0107f002-98ed-4ea4-9256-cabf6f30a18e/export</guid>
      <pubDate>Wed, 06 May 2026 17:10:29 +0000</pubDate>
    </item>
    <item>
      <title>3f598517-8c86-4e7b-960f-6d72ea5f4adb</title>
      <link>https://vulnerability.circl.lu/sighting/3f598517-8c86-4e7b-960f-6d72ea5f4adb/export</link>
      <description>{"uuid": "3f598517-8c86-4e7b-960f-6d72ea5f4adb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42220", "type": "seen", "source": "https://gist.github.com/alon710/26efd138450d4334005446be8418f3bc", "content": "# CVE-2026-42220: CVE-2026-42220: Privilege Escalation via Information Disclosure in Nginx UI\n\n&amp;gt; **CVSS Score:** 6.5\n&amp;gt; **Published:** 2026-05-05\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-42220\n\n## Summary\nAn information disclosure vulnerability in Nginx UI prior to version 2.3.8 allows authenticated users to extract the internal node secret. This secret can subsequently be abused to bypass authorization checks and escalate privileges to the administrative init user.\n\n## TL;DR\nLow-privileged authenticated users can retrieve the system's `node.secret` via the `/api/settings` endpoint. This secret can then be passed in the `X-Node-Secret` header to execute actions as the administrative init user.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE IDs**: CWE-200, CWE-863\n- **Attack Vector**: Network\n- **Authentication**: Required (Low Privilege)\n- **CVSS Score**: 6.5 / 7.5\n- **EPSS Score**: 0.00028\n- **Exploit Status**: Public PoC\n- **Impact**: Privilege Escalation\n\n## Affected Systems\n\n- Nginx UI versions &amp;lt; 2.3.8\n- **nginx-ui**: &amp;lt; 2.3.8 (Fixed in: `2.3.8`)\n\n## Mitigation\n\n- Upgrade Nginx UI to version 2.3.8 or later.\n- Rotate internal node secrets to invalidate previously leaked keys.\n- Rotate JWT signing secrets to invalidate any forged sessions.\n- Restrict network access to the Nginx UI management port.\n\n**Remediation Steps:**\n1. Download the v2.3.8 release or update the Docker image to the latest stable tag.\n2. Stop the Nginx UI service.\n3. Locate and open the app.ini configuration file.\n4. 
Generate new, random cryptographic values for node.secret and app.jwt_secret.\n5. Update the app.ini file with the new secret values.\n6. Start the Nginx UI service.\n7. Verify that low-privileged user accounts can no longer access administrative endpoints.\n\n## References\n\n- [Official Release v2.3.8](https://github.com/0xJacky/nginx-ui/releases/tag/v2.3.8)\n- [GitHub Security Advisory: GHSA-7jrr-xw9c-mj39](https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-7jrr-xw9c-mj39)\n- [Mitre CVE Record: CVE-2026-42220](https://www.cve.org/CVERecord?id=CVE-2026-42220)\n- [Patch Commit: 80a6a7273d43dedbd6404662893fe862a2c14bf5](https://github.com/0xJacky/nginx-ui/commit/80a6a7273d43dedbd6404662893fe862a2c14bf5)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-42220) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-05-05T21:10:29.000000Z"}</description>
      <content:encoded>{"uuid": "3f598517-8c86-4e7b-960f-6d72ea5f4adb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42220", "type": "seen", "source": "https://gist.github.com/alon710/26efd138450d4334005446be8418f3bc", "content": "# CVE-2026-42220: CVE-2026-42220: Privilege Escalation via Information Disclosure in Nginx UI\n\n&amp;gt; **CVSS Score:** 6.5\n&amp;gt; **Published:** 2026-05-05\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-42220\n\n## Summary\nAn information disclosure vulnerability in Nginx UI prior to version 2.3.8 allows authenticated users to extract the internal node secret. This secret can subsequently be abused to bypass authorization checks and escalate privileges to the administrative init user.\n\n## TL;DR\nLow-privileged authenticated users can retrieve the system's `node.secret` via the `/api/settings` endpoint. This secret can then be passed in the `X-Node-Secret` header to execute actions as the administrative init user.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE IDs**: CWE-200, CWE-863\n- **Attack Vector**: Network\n- **Authentication**: Required (Low Privilege)\n- **CVSS Score**: 6.5 / 7.5\n- **EPSS Score**: 0.00028\n- **Exploit Status**: Public PoC\n- **Impact**: Privilege Escalation\n\n## Affected Systems\n\n- Nginx UI versions &amp;lt; 2.3.8\n- **nginx-ui**: &amp;lt; 2.3.8 (Fixed in: `2.3.8`)\n\n## Mitigation\n\n- Upgrade Nginx UI to version 2.3.8 or later.\n- Rotate internal node secrets to invalidate previously leaked keys.\n- Rotate JWT signing secrets to invalidate any forged sessions.\n- Restrict network access to the Nginx UI management port.\n\n**Remediation Steps:**\n1. Download the v2.3.8 release or update the Docker image to the latest stable tag.\n2. Stop the Nginx UI service.\n3. Locate and open the app.ini configuration file.\n4. 
Generate new, random cryptographic values for node.secret and app.jwt_secret.\n5. Update the app.ini file with the new secret values.\n6. Start the Nginx UI service.\n7. Verify that low-privileged user accounts can no longer access administrative endpoints.\n\n## References\n\n- [Official Release v2.3.8](https://github.com/0xJacky/nginx-ui/releases/tag/v2.3.8)\n- [GitHub Security Advisory: GHSA-7jrr-xw9c-mj39](https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-7jrr-xw9c-mj39)\n- [Mitre CVE Record: CVE-2026-42220](https://www.cve.org/CVERecord?id=CVE-2026-42220)\n- [Patch Commit: 80a6a7273d43dedbd6404662893fe862a2c14bf5](https://github.com/0xJacky/nginx-ui/commit/80a6a7273d43dedbd6404662893fe862a2c14bf5)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-42220) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-05-05T21:10:29.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3f598517-8c86-4e7b-960f-6d72ea5f4adb/export</guid>
      <pubDate>Tue, 05 May 2026 21:10:29 +0000</pubDate>
    </item>
    <item>
      <title>b578038d-1ae3-4f4a-8a0e-ad81a9db6c3b</title>
      <link>https://vulnerability.circl.lu/sighting/b578038d-1ae3-4f4a-8a0e-ad81a9db6c3b/export</link>
      <description>{"uuid": "b578038d-1ae3-4f4a-8a0e-ad81a9db6c3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42220", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml2ropkdtu2p", "content": "CVE-2026-42220 - nginx-ui: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback\nCVE ID : CVE-2026-42220\n \n Published : May 4, 2026, 9:16 p.m. | 1\u00a0hour, 4\u00a0minutes ago\n...", "creation_timestamp": "2026-05-04T23:01:32.650480Z"}</description>
      <content:encoded>{"uuid": "b578038d-1ae3-4f4a-8a0e-ad81a9db6c3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42220", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml2ropkdtu2p", "content": "CVE-2026-42220 - nginx-ui: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback\nCVE ID : CVE-2026-42220\n \n Published : May 4, 2026, 9:16 p.m. | 1\u00a0hour, 4\u00a0minutes ago\n...", "creation_timestamp": "2026-05-04T23:01:32.650480Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b578038d-1ae3-4f4a-8a0e-ad81a9db6c3b/export</guid>
      <pubDate>Mon, 04 May 2026 23:01:32 +0000</pubDate>
    </item>
    <item>
      <title>269827d3-9635-448f-bcb6-f8d7b5c7da63</title>
      <link>https://vulnerability.circl.lu/sighting/269827d3-9635-448f-bcb6-f8d7b5c7da63/export</link>
      <description>{"uuid": "269827d3-9635-448f-bcb6-f8d7b5c7da63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42222", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml2rfr4mdo2n", "content": "CVE-2026-42222 - nginx-ui: Unauthenticated first-boot instance claim via POST /api/install allows remote bootstrap takeover\nCVE ID : CVE-2026-42222\n \n Published : May 4, 2026, 9:16 p.m. | 1\u00a0hour, 4\u00a0minutes ago\n \n Description : Nginx UI is a web user interface for the Nginx web...", "creation_timestamp": "2026-05-04T22:56:32.208675Z"}</description>
      <content:encoded>{"uuid": "269827d3-9635-448f-bcb6-f8d7b5c7da63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42222", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml2rfr4mdo2n", "content": "CVE-2026-42222 - nginx-ui: Unauthenticated first-boot instance claim via POST /api/install allows remote bootstrap takeover\nCVE ID : CVE-2026-42222\n \n Published : May 4, 2026, 9:16 p.m. | 1\u00a0hour, 4\u00a0minutes ago\n \n Description : Nginx UI is a web user interface for the Nginx web...", "creation_timestamp": "2026-05-04T22:56:32.208675Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/269827d3-9635-448f-bcb6-f8d7b5c7da63/export</guid>
      <pubDate>Mon, 04 May 2026 22:56:32 +0000</pubDate>
    </item>
  </channel>
</rss>
