Critical Nginx UI auth bypass flaw now actively exploited in the wild
Summary
A critical vulnerability in Nginx UI (CVE-2026-33032) leaves an unprotected endpoint that allows attackers to invoke privileged actions without logging in, enabling complete takeover of the web server by modifying configuration files. The flaw is being actively exploited in the wild, with over 2,600 publicly exposed instances at risk. Nginx UI is a popular web-based management interface for the Nginx web server, used by many organizations to control their servers.
Solution / Mitigation
Nginx released a fix in version 2.3.4 on March 15. The latest secure version is 2.3.6, released the week after the source was published. System administrators are recommended to apply these security updates as soon as possible.
Classification
Affected Vendors
Related Issues
Original source: https://www.bleepingcomputer.com/news/security/critical-nginx-ui-auth-bypass-flaw-now-actively-exploited-in-the-wild/
First tracked: April 15, 2026 at 08:00 PM
Classified by LLM (prompt v3) · confidence: 75%