{"vulnerability": "cve-2026-42533", "sightings": [{"uuid": "61eff754-6833-4f3c-b2f8-15e062127959", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42533", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqp35imbr32a", "content": "CVE-2026-42533\nNGINX web servers are at risk of crashing or being exploited by attackers if they use a specific configuration. An attacker can send a specially crafted HTTP request, causing the server to restart or\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-15T15:50:05.029977Z"}, {"uuid": "fd5fe5cc-fc57-4564-81ae-ac624f796f6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42533", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/116925017337379554", "content": "That's a lot of Fixes introduced in: NONE.\nhttps://my.f5.com/manage/s/article/K000162097\n\nA vulnerability exists in NGINX Plus and NGINX Open Source when a map directive uses regex matching and a string expression references the map's regex capture variables before referencing the map output variable. Alternatively, the same result could be achieved by using a non-cacheable variable in a string expression under certain conditions. An unauthenticated attacker along with conditions beyond their control can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, attackers can execute code on systems with Address Space Layout Randomization (ASLR) disabled or when the attacker can bypass ASLR. (CVE-2026-42533)\nhttps://my.f5.com/manage/s/article/K000162097", "creation_timestamp": "2026-07-15T16:49:36.478685Z"}, {"uuid": "1b087103-678b-4ec2-8882-cfabc2bb4b94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42533", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqpauojijv2m", "content": "CVE-2026-42533 - NGINX Map directive and Regex matching vulnerability\nCVE ID : CVE-2026-42533\n \n Published : July 15, 2026, 2:33 p.m. | 43\u00a0minutes ago\n \n Description : A vulnerability exists in NGINX Plus and NGINX Open Source when a map\u00a0directive uses regex matching and a str...", "creation_timestamp": "2026-07-15T17:32:31.803938Z"}, {"uuid": "fd658d13-ce45-42e4-8f0c-ed3b6ef5dd7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42533", "type": "seen", "source": "https://bsky.app/profile/selfhost.directory/post/3mqpcouovz52f", "content": "\ud83d\ude80 New #release \u00b7 NGINX release-1.30.4\n\nnginx-1.30.4 stable version has been released, with fixes for buffer overflow vulnerability when using map with regex (CVE-2026-42533), memor\u2026\n\nCheck and #self-host it \u2192 selfhost.directory/project/nginx#update-5055825\n\n#selfhost #selfhosted #homelab #opensource", "creation_timestamp": "2026-07-15T18:05:05.039133Z"}, {"uuid": "5626e7e7-0605-4f8b-bf9b-ff0934afe5c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42533", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mqq5jnrowx2a", "content": "F5 patched the NGINX code execution flaw CVE-2026-42533, along with CVE-2026-60005 and CVE-2026-56434. Update NGINX Plus and Open Source builds now.\n\n#NGINX #CVE202642533 #CodeExecution #F5 #Vulnerability", "creation_timestamp": "2026-07-16T02:05:21.284846Z"}, {"uuid": "b380de32-1dcc-4660-b4c3-7c34c829f231", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42533", "type": "seen", "source": "https://bsky.app/profile/thecybersecguru.com/post/3mqqn6zxtcf22", "content": "F5 Patches High-Severity NGINX Vulnerabilities That Could Lead to Code\u00a0Execution\n\nF5 patches three high-severity NGINX vulnerabilities, including CVE-2026-42533, that could enable memory corruption, crashes, and code\u2026\n\nhttps://thecybersecguru.com/news/f5-nginx-vulnerabilities-code-execution/", "creation_timestamp": "2026-07-16T06:45:44.354072Z"}, {"uuid": "79860c2e-2130-4856-b568-2924c0c6d1bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42533", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mqrc4ik4ie2t", "content": "\ud83d\udd17 CVE : CVE-2026-42533, CVE-2026-46333, CVE-2026-52865, CVE-2026-55723, CVE-2026-56434, CVE-2026-59762, CVE-2026-60005, CVE-2026-60062, CVE-2026-60065", "creation_timestamp": "2026-07-16T13:00:07.340450Z"}, {"uuid": "721a8ffb-11e8-4500-b0b0-cce7c5fb7654", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42533", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mqrfi7yo4j2y", "content": "F5 issued an out-of-band patch for 8 NGINX and BIG-IP flaws, including CVE-2026-42533, a critical heap buffer overflow in NGINX Plus and Open Source, plus high-severity issues in Ingress Controller and BIG-IP. #NGINX #BIGIP #CVE202642533", "creation_timestamp": "2026-07-16T14:00:22.770755Z"}]}