{"uuid": "48d92cb9-22ae-4191-9819-1657508ecda8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42238", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116519025945473134", "content": "\ud83d\udd25 CRITICAL: CVE-2026-42238 in 0xJacky nginx-ui (<2.3.8) lets remote attackers gain root by exploiting an unauthenticated backup restore endpoint in the first 10 min. Patch to 2.3.8 now! https://radar.offseq.com/threat/cve-2026-42238-cwe-94-improper-control-of-generati-88b6fe8d #OffSeq #nginx #infosec #vuln", "creation_timestamp": "2026-05-05T00:00:42.224154Z"}