{"vulnerability": "CVE-2026-4253", "sightings": [{"uuid": "38bb3b83-79a1-40bd-9232-067f85e9e926", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42539", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mm7rh74g2w2u", "content": "[SBA-ADV-20260126-04] CVE-2026-42539: DFIR-IRIS before 2.4.28 Excessive Data Exposure", "creation_timestamp": "2026-05-19T16:05:50.806386Z"}, {"uuid": "3a0e6d1c-fa1d-46c3-ae72-1ce5d7389e60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42534", "type": "seen", "source": "https://social.nlnetlabs.nl/users/nlnetlabs/statuses/116606458492280712", "content": "\ud83d\udea8 SECURITY RELEASE \ud83d\udea8Today we released Unbound 1.25.1, which consolidates security fixes for issues reported over a period of time. \nThere are fixes for CVE-2026-33278, CVE-2026-42944, CVE-2026-42959, CVE-2026-32792, CVE-2026-40622, CVE-2026-41292, CVE-2026-42534, CVE-2026-42923, CVE-2026-42960, CVE-2026-44390 and CVE-2026-44608.\nPlease read the release notes carefully and plan to upgrade. \n#DNS #DNSSEC #Mythos #LLM #OpenSource \nhttps://community.nlnetlabs.nl/t/unbound-1-25-1-released/3392", "creation_timestamp": "2026-05-20T10:36:25.372758Z"}, {"uuid": "c53b3b6f-c7c1-4184-a776-83581017db39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42534", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmbps2tve32k", "content": "CVE-2026-42534 - Jostle logic bypass degrades resolution performance\nCVE ID : CVE-2026-42534\n \n Published : May 20, 2026, 9:19 a.m. | 55\u00a0minutes ago\n \n Description : NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the jostle logic that could defeat...", "creation_timestamp": "2026-05-20T10:41:27.315283Z"}, {"uuid": "20589264-fc65-4662-ac47-e30311eee891", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42538", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnip5nee5r2q", "content": "CVE-2026-42538 - IRIS has an Insecure File Upload\nCVE ID : CVE-2026-42538\n \n Published : June 4, 2026, 9:16 p.m. | 1\u00a0hour, 14\u00a0minutes ago\n \n Description : IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Version...", "creation_timestamp": "2026-06-04T22:43:51.963879Z"}, {"uuid": "f3810443-42be-41f1-b0a2-e2b1473093ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42539", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnirkk6m7z2f", "content": "CVE-2026-42539 - IRIS has an Excessive Data Exposure issue\nCVE ID : CVE-2026-42539\n \n Published : June 4, 2026, 10:16 p.m. | 14\u00a0minutes ago\n \n Description : IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versi...", "creation_timestamp": "2026-06-04T23:26:52.462499Z"}, {"uuid": "c3dd2f19-a6cb-44eb-89ab-48be53bb7047", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42536", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mnsolmbovy2r", "content": "CVE-2026-42536: Apache HTTP Server: mod_xml2enc heap overflow", "creation_timestamp": "2026-06-08T22:00:24.460020Z"}, {"uuid": "0de60ea2-1570-4bf3-97d8-b9f6babbcf30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42536", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mnsrxlori626", "content": "\ud83d\udfe0 CVE-2026-42536 - High (7.5)\n\nHeap-based Buffer Overflow vulnerability in Apache HTTP Server with\u00a0mod_xml2enc, xml2StartParse,...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42536/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-08T23:00:48.440763Z"}, {"uuid": "5983b7bc-a11a-4069-a3d2-db415d8e2a99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42536", "type": "seen", "source": "https://www.acn.gov.it/portale/w/rilevate-vulnerabilita-in-apache-http-server", "content": "", "creation_timestamp": "2026-06-09T00:51:01.000000Z"}, {"uuid": "0297db51-7da4-46a5-ab47-6c8f62a00ea2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42535", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3mnu2uq6ygc2l", "content": "SIOS\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30d6\u30ed\u30b0\u3092\u66f4\u65b0\u3057\u307e\u3057\u305f\u3002\n\nApache\u306e\u8106\u5f31\u6027(Moderate: CVE-2026-34355, CVE-2026-42535, CVE-2026-43951, CVE-2026-44119, CVE-2026-44186, CVE-2026-49975, Low:\u8907\u6570)\u30682.4.68\u30ea\u30ea\u30fc\u30b9\n\n#sios_tech #security #vulnerability #\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 #\u8106\u5f31\u6027 #apache \n\nsecurity.sios.jp/vulnerabilit...", "creation_timestamp": "2026-06-09T11:12:57.609193Z"}, {"uuid": "4444c190-a217-4ce8-8cb0-1938f4de718c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42535", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mnu7hq6yhy25", "content": "\ud83d\udd17 CVE : CVE-2026-29167, CVE-2026-29170, CVE-2026-34355, CVE-2026-34356, CVE-2026-42535, CVE-2026-42536, CVE-2026-43951, CVE-2026-44119, CVE-2026-44185, CVE-2026-44186, CVE-2026-44631, CVE-2026-48913, CVE-2026-49975", "creation_timestamp": "2026-06-09T12:35:08.846237Z"}, {"uuid": "4aca07ff-47d5-4ebe-9c08-c226ec7fc73e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42536", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mnu7hq6yhy25", "content": "\ud83d\udd17 CVE : CVE-2026-29167, CVE-2026-29170, CVE-2026-34355, CVE-2026-34356, CVE-2026-42535, CVE-2026-42536, CVE-2026-43951, CVE-2026-44119, CVE-2026-44185, CVE-2026-44186, CVE-2026-44631, CVE-2026-48913, CVE-2026-49975", "creation_timestamp": "2026-06-09T12:35:09.036728Z"}, {"uuid": "bfe70b52-3425-4f80-aab9-bdd16f48c3a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42535", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/apache-http-server-multiple-vulnerabilities_20260610", "content": "", "creation_timestamp": "2026-06-09T18:00:00.000000Z"}, {"uuid": "5caa4d50-421b-4bf3-8302-d1835b6198ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42536", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/apache-http-server-multiple-vulnerabilities_20260610", "content": "", "creation_timestamp": "2026-06-09T18:00:00.000000Z"}, {"uuid": "f83d827f-074f-499c-ba98-94755e44593b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moivbi45fe2b", "content": "CVE-2026-42530 - NGINX Open-Source ngx_http_v3_module vulnerability\nCVE ID : CVE-2026-42530\n \n Published : June 17, 2026, 2:04 p.m. | 3\u00a0hours, 4\u00a0minutes ago\n \n Description : NGINX Open Source has a vulnerability in the ngx_http_v3_module\u00a0module. When NGINX Open Source is confi...", "creation_timestamp": "2026-06-17T17:58:34.658348Z"}, {"uuid": "e87e9347-172c-474c-a0f6-66dfd79ebd3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/crustytldr.bsky.social/post/3moivjizel522", "content": "\ud83d\udcf0 CVE-2026-42530: Nginx 1.30.2 and Nginx 1.31.2\n\nDetails for CVE-2026-42530, potentially affecting Nginx versions 1.30.2 and 1.31.2, are not accessible in the provided content. The article consis...\n\nhttps://tinyurl.com/28yq6x9p #TechNews #CrustyTLDR", "creation_timestamp": "2026-06-17T18:03:06.266969Z"}, {"uuid": "4ef1dd73-70c2-49c4-8811-6cbed306a0ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1927", "content": "", "creation_timestamp": "2026-06-17T21:00:00.000000Z"}, {"uuid": "572e4709-0f79-4a8a-93b2-924175f5e0f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1929", "content": "", "creation_timestamp": "2026-06-17T21:00:00.000000Z"}, {"uuid": "4ff3409d-48c7-48e8-860f-6b3709d9d596", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mokvn4bbjd2j", "content": "\ud83d\udd17 CVE : CVE-2026-42055, CVE-2026-42530, CVE-2026-48142", "creation_timestamp": "2026-06-18T13:10:33.453997Z"}, {"uuid": "ad783868-21b7-45d7-9ec6-836f5a6baaca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/news.karthihegde.dev/post/3mokx4lsc7y2t", "content": "CVE-2026-42530: Use after free in nginx HTTP/3 QUIC module\nDiscussion | lobsters | Author: jmillikin", "creation_timestamp": "2026-06-18T13:36:57.771784Z"}, {"uuid": "cef1f80c-0d20-479c-8b74-788797a51e1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/lobsters-feed.bsky.social/post/3mokxc53qwe24", "content": "CVE-2026-42530: Use after free in nginx HTTP/3 QUIC module https://lobste.rs/s/pbvqlz #security ", "creation_timestamp": "2026-06-18T13:40:03.778259Z"}, {"uuid": "075e6891-453a-4faa-bb2b-2b6865159f9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116771677218326138", "content": "A lot of offensive activities were identified targeting F5 NGINX Open Source (CVE-2026-42530) https://vuldb.com/vuln/372026/cti", "creation_timestamp": "2026-06-18T14:53:11.555454Z"}, {"uuid": "69c89023-bacd-4ecd-8a19-bdad52eddd6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3moln6rpwau2a", "content": "\ud83d\udea8 HIGH: CVE-2026-42530\n\nCVSS 8.1/10\n\n\ud83d\udccb WHAT IT IS:\nNGINX Open Source has a vulnerability in the ngx_http_v3_module. When NGINX is configured to use the HTTP/3 QUIC module, a remote unauthenticated attacker can use a specially crafted HTTP/3 session to reopen a QPACK encoder stream. This may cause a ", "creation_timestamp": "2026-06-18T20:11:53.447477Z"}, {"uuid": "028a0e1f-4853-431d-a4d7-ed2e80b3bef4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3molqwn4o5k62", "content": "F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution TheHackerNews F5 fixes CVE-2026-42530 and CVE-2026-42055 in NGINX Open Source, addressing HTTP/3 and HTTP/2 flaws that...\n\n#Security #News\n\nOrigin | Interest | Match", "creation_timestamp": "2026-06-18T21:18:58.312124Z"}, {"uuid": "87fd2e13-dca5-4068-9b1f-74caaf19f276", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3molsfz3p3b2n", "content": "F5 patched two critical NGINX Open Source flaws, CVE-2026-42530 and CVE-2026-42055, that could enable remote code execution in certain configs. Mitigations include disabling HTTP/3 or adjusting headers. #NGINX #F5 #CVE202642530", "creation_timestamp": "2026-06-18T21:45:25.963442Z"}, {"uuid": "d2dab024-e84e-49f6-aefe-f7bca62ff1bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://thehackernews.com/2026/06/f5-patches-two-critical-nginx-open.html", "content": "F5 has released security updates to address two critical security flaws in NGINX Open Source that could be exploited to achieve code execution on affected systems.\n\nThe vulnerabilities are listed below -\n\n\n  CVE-2026-42530 (CVSS v4 score: 9.2) - A use-after-free vulnerability in the ngx_http_v3_module that could be triggered by a remote unauthenticated attacker when NGINX Open Source is", "creation_timestamp": "2026-06-18T15:32:14.000000Z"}, {"uuid": "dd835f0d-fd16-4014-b644-76d872e7491b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/dju.eurosky.social/post/3molyw2ol3c2h", "content": "plusieurs CVE dans nginx\n\nCVE-2026-42530\nCVE-2026-42055\nCVE-2026-48142\n\nthehackernews.com/2026/06/f5-p...", "creation_timestamp": "2026-06-18T23:41:47.658712Z"}, {"uuid": "fcddc24c-0fad-4b40-89a4-52e0cb22a1f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42530", "type": "seen", "source": "https://bsky.app/profile/thecybersecguru.com/post/3mompp6rrhu2b", "content": "Two 9.2s in stock NGINX: inside the HTTP/3 QPACK use-after-free and the gRPC heap overflow F5 just\u00a0patched\n\nF5 patched two critical NGINX flaws (CVSS 9.2): a QPACK use-after-free in HTTP/3 and a gRPC heap overflow. Full\u2026\n\nhttps://thecybersecguru.com/news/nginx-cve-2026-42530-cve-2026-42055-rce/", "creation_timestamp": "2026-06-19T06:29:31.707317Z"}, {"uuid": "fb1e197a-19c6-403c-b388-1adc725bcfd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42530", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3momr3spaum2v", "content": "\ud83d\udcf0 Picu Kerusakan Memori, F5 Rilis Patch Darurat Tutup Celah Kritis RCE pada NGINX\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/06/19/f5-rilis-patch-darurat-celah-kritis-nginx/\n\n#aslr #bufferOverflow #cve-2026-42055 #cve-2026-42530 #dos #f5 #http3 #nginx #outOfBand #patchDarurat ", "creation_timestamp": "2026-06-19T06:54:28.719189Z"}, {"uuid": "f13a347c-ff88-404e-b871-3b0b1d699dbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/ytroncal.bsky.social/post/3momtwvudts26", "content": "CVE-2026-42530 : NGINX Open Source has a vulnerability in the ngx_http_v3_module module. www.cve.org/CVERecord?id...", "creation_timestamp": "2026-06-19T07:45:25.311271Z"}, {"uuid": "a9c35470-6661-4673-9590-61ef0bd51960", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "Telegram/1GsfOzUboS3JWnialEkr6Pf0VdQ2CZOxE9iogkqFyOsWag", "content": "", "creation_timestamp": "2026-06-18T18:39:43.000000Z"}, {"uuid": "faf1de6c-9861-4113-94f4-45280eba5c88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/iberianm.bsky.social/post/3monc6t4ohu24", "content": "NGINX Open Source: F5 patched two critical remote code execution flaws, including CVE-2026-42530. Update NGINX promptly and verify versions across all hosts. #Cybersecurity #Vulnerability #CloudSecurity\n\nSource: https://thehackernews.com/2026/06/f5-patches-two-critical-nginx-open.html", "creation_timestamp": "2026-06-19T12:00:23.627322Z"}, {"uuid": "db454273-c696-4665-b4b6-6a9665935bea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://infosec.exchange/users/beyondmachines1/statuses/116775720185561378", "content": "F5 Patches Critical Remote Code Execution Flaws in NGINX Open Source and Plus\nF5 addressed two critical vulnerabilities (CVE-2026-42530 and CVE-2026-42055) in NGINX that allow unauthenticated remote code execution or denial-of-service. The flaws affect NGINX Open Source, NGINX Plus, and several related gateway and controller products.\n**If you run NGINX (Open Source, Plus, Ingress Controller, Gateway Fabric, Instance Manager, or App Protect WAF), update immediately to the fixed versions F5 released: NGINX Open Source 1.31.2 or 1.30.3, and NGINX Plus 37.0.2.1 or R36 P6. If you can't patch right away, temporarily disable HTTP/3 by removing \"quic\" from all listen directives, and remove the \"ignore_invalid_headers off\" directive or shrink \"large_client_header_buffers\" to block these attacks until you update.**#cybersecurity #infosec #advisory #vulnerabilityhttps://beyondmachines.net/event_details/f5-patches-critical-remote-code-execution-flaws-in-nginx-open-source-and-plus-q-l-g-f-a/gD2P6Ple2L", "creation_timestamp": "2026-06-19T13:20:05.850994Z"}, {"uuid": "62ea966c-9a8e-4737-967a-8aaa917156ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3monjucmz5s2h", "content": "F5 Patches Critical NGINX Vulnerabilities Enabling Unauthenticated Code Execution\n\nF5 released emergency updates for critical NGINX flaws (CVE-2026-42530, CVE-2026-42055) that could enable unauthenticated code execution. F5 has issued out-of-band patches for multiple NGINX vulnera\u2026\n#hackernews #news", "creation_timestamp": "2026-06-19T14:17:40.994156Z"}, {"uuid": "00b6b307-7f11-4e14-a88a-587dce6fd8ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/toxy4ny.bsky.social/post/3moory7o7bs2s", "content": "Friday fuck-up) this time F5-Nginx - The vulnerabilities have been assigned the identifiers CVE-2026-42530 and CVE-2026-42055 and received a CVSS score of 9.2. They allow an unauthenticated remote attacker to trigger a denial-of-service (DoS) condition or achieve arbitrary code execution.", "creation_timestamp": "2026-06-19T16:15:53.130998Z"}, {"uuid": "94685b2a-a351-41e7-b0d1-f0036834f8ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/toxy4ny.bsky.social/post/3moory7oj2c2s", "content": "Friday fuck-up) this time F5-Nginx - The vulnerabilities have been assigned the identifiers CVE-2026-42530 and CVE-2026-42055 and received a CVSS score of 9.2. They allow an unauthenticated remote attacker to trigger a denial-of-service (DoS) condition or achieve arbitrary code execution.", "creation_timestamp": "2026-06-19T16:15:54.954092Z"}, {"uuid": "905daf71-3a8f-418f-8eda-da2592f6390d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/toxy4ny.bsky.social/post/3moory7oly22s", "content": "Friday fuck-up) this time F5-Nginx - The vulnerabilities have been assigned the identifiers CVE-2026-42530 and CVE-2026-42055 and received a CVSS score of 9.2. They allow an unauthenticated remote attacker to trigger a denial-of-service (DoS) condition or achieve arbitrary code execution.", "creation_timestamp": "2026-06-19T16:15:56.815848Z"}, {"uuid": "bfd5507b-8375-44ce-abfe-dff569584faf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/r-netsec.bsky.social/post/3moo3tu7caf2s", "content": "Use-after-free in the QPACK encoder of nginx HTTP/3 - CVE-2026-42530", "creation_timestamp": "2026-06-19T19:39:32.454313Z"}, {"uuid": "978e67c3-6215-478c-80b8-19a12555bfae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/kontronn.bsky.social/post/3mosijvo7222x", "content": "Nginx QUIC RCE Vulnerability CVE-2026-42530: Security Implications of HTTP/3 www.pudn.club/news/nginx-q...", "creation_timestamp": "2026-06-21T13:37:23.040427Z"}, {"uuid": "17e976ce-db30-4b86-a922-7b614c846cf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motmkxha2v2m", "content": "\ud83d\udea8  ALERT: CVE-2026-42530\n\nCVSS 8.1/10\n\n\ud83d\udccb WHAT IT IS:\nNGINX Open Source has a vulnerability in the ngx_http_v3_module. When NGINX is configured to use the HTTP/3 QUIC module, a remote unauthenticated attacker can use a specially crafted HTTP/3 session to reopen a QPACK encoder stream. This may cause ", "creation_timestamp": "2026-06-22T00:22:06.060030Z"}, {"uuid": "1c3a3d46-1081-4647-918c-c2b850193593", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/technoholic.bsky.social/post/3mourv4si7h22", "content": "F5 releases security updates for NGINX Open Source fixing CVE-2026-42530 (CVSS 9.2), a use-after-free flaw in ngx_http_v3_module that could allow remote code execution. Update now!", "creation_timestamp": "2026-06-22T11:29:55.861356Z"}, {"uuid": "aa1b4f73-b1f5-4ef4-96b5-8f9e2d6b9fc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42530", "type": "seen", "source": "https://infosec.exchange/ap/users/116710323468652980/statuses/116794392691446150", "content": "F5 Patches Critical NGINX RCE Bugs CVE-2026-42530/42055\n\ud83d\udd17 https://cybersecurefox.com/en/f5-critical-nginx-vulnerabilities-cve-2026-42530-42055\n#F5 #NGINX #CVE-2026-42530 #CVE-2026-42055 #HTTP/3 #vulnerability", "creation_timestamp": "2026-06-22T15:15:11.546523Z"}, {"uuid": "833a709e-feb9-4444-9f39-ebd392787395", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://gist.github.com/muhamedfazalps/a3449070789a6a2c13d4d4e844af803b", "content": "# \u26a0\ufe0f SECURITY ALERT: Multiple CVEs Affecting Popular Packages (June 2026)\n\n## CVE-2026-48931 \u2014 Node.js 24.17 / node-fetch Premature Close\n- **Impact:** Affects Node.js 24.17 and any app using node-fetch\n- **Severity:** High\n- **Affected:** Backstage (20\ud83d\udc4d issue), any Node.js app on 24.17\n- **Fix:** Update Node.js or apply backport\n- **Issue:** https://github.com/backstage/backstage/issues/34651\n\n## CVE-2026-54297 \u2014 Faraday Dependency Vulnerability\n- **Impact:** Affects Fastlane and apps using Faraday\n- **Severity:** High\n- **Affected:** Fastlane (9\ud83d\udc4d issue), any Ruby app using Faraday\n- **Fix:** Update Faraday dependency\n- **Issue:** https://github.com/fastlane/fastlane/issues/30086\n\n## CVE-2026-42530 &amp; CVE-2026-42055 \u2014 nginx Vulnerabilities\n- **Impact:** Affects nginx and mailcow-dockerized\n- **Severity:** High\n- **Affected:** mailcow-dockerized (7\ud83d\udc4d issue), any nginx deployment\n- **Fix:** Update nginx to patched version\n- **Issue:** https://github.com/mailcow/mailcow-dockerized/issues/7299\n\n## js-yaml Quadratic DoS (v3.x)\n- **Impact:** Affects any app using js-yaml v3.x for YAML parsing\n- **Severity:** Medium-High\n- **Affected:** 15\ud83d\udc4d issue requesting backport from v4.2.0 to v3\n- **Fix:** Update to js-yaml v4.2.0+ or apply backport\n- **Issue:** https://github.com/nodeca/js-yaml/issues/762\n\n## How to Check If You're Affected\n1. Check your Node.js version: `node --version`\n2. Check your Ruby/Bundler dependencies: `bundle list | grep faraday`\n3. Check your nginx version: `nginx -v`\n4. Check your js-yaml version: `npm ls js-yaml`\n\n## What to Do\n1. Update affected dependencies immediately\n2. Review logs for suspicious activity\n3. Rotate credentials if exposure is suspected\n\n---\n*If this alert helped you: https://buymeacoffee.com/muhamedfazalps*\n", "creation_timestamp": "2026-06-23T13:41:44.000000Z"}, {"uuid": "2d5cf4f3-bc25-4ede-987d-841e5f068822", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/getpacketai.bsky.social/post/3moyakl54rp2v", "content": "F5 patches critical NGINX flaws enabling remote code execution. Security teams need to prioritise updates for CVE-2026-42530 and related vulnerabilities affecting open-source\u2026\n\nhttps://thehackernews.com/2026/06/f5-patches-two-critical-nginx-open.html\n\n#cybersecurity #infosec", "creation_timestamp": "2026-06-23T20:30:27.147464Z"}, {"uuid": "b8c25301-46e5-469b-8b20-603dfd26a343", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/insomnisec.bsky.social/post/3mp2q6blryx2v", "content": "\ud83d\udce1 Two More Critical NGINX Vulnerabilities: CVE-2026-42530 and CVE-2026-42055", "creation_timestamp": "2026-06-24T20:15:13.908392Z"}, {"uuid": "0a286360-a736-4bac-8e18-a45db7af24fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://www.acn.gov.it/portale/w/risolte-vulnerabilita-nei-prodotti-nginix", "content": "", "creation_timestamp": "2026-06-25T16:45:32.604084Z"}, {"uuid": "27910c25-ea83-4287-9a29-d3984dec7567", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42536", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mppa4qprci2j", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-42536 \u0432 Apache HTTP Server: \u0443\u0433\u0440\u043e\u0437\u0430 heap-based \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430\n\n\n\nhttps://kripta.biz/posts/6B46BDB9-EEB7-41BF-B8C7-80B59C0CB7D0", "creation_timestamp": "2026-07-02T23:53:57.082007Z"}, {"uuid": "3bdf9444-2b64-4531-824d-626d9d132bc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42535", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mpuchdu73s2l", "content": "\u300cApache HTTPD\u300d\u306b\u8907\u6570\u8106\u5f31\u6027 - \u300c\u30af\u30ea\u30c6\u30a3\u30ab\u30eb\u300d\u3068\u306e\u8a55\u4fa1\u3082\n\n\u30a6\u30a7\u30d6\u30b5\u30fc\u30d0\u300cApache HTTP Server\u300d\u306b\u8907\u6570\u306e\u8106\u5f31\u6027\u304c\u5224\u660e\u3057\u305f\u3002\u958b\u767a\u30c1\u30fc\u30e0\u306f\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3092\u63d0\u4f9b\u3057\u3066\u3044\u308b\u3002\n\n...\n\n\u4e00\u65b9\u3001\u7c73\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5e81\uff08CISA\uff09\u306f\u3001\u300cCVE-2026-29167\u300d\u300cCVE-2026-44631\u300d\u306b\u3064\u3044\u3066\u3001\u5171\u901a\u8106\u5f31\u6027\u8a55\u4fa1\u30b7\u30b9\u30c6\u30e0\u300cCVSSv3.1\u300d\u306e\u30d9\u30fc\u30b9\u30b9\u30b3\u30a2\u3092\u300c9.8\u300d\u3001\u300cCVE-2026-42535\u300d\u3092\u300c9.1\u300d\u3068\u8a55\u4fa1\u3002", "creation_timestamp": "2026-07-05T00:18:58.375174Z"}, {"uuid": "fb8ce3ca-35ec-4a81-90d9-f4f0301cf1aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4253", "type": "seen", "source": "https://t.me/GithubRedTeam/90566", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-4253-Scanner\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a renzi25031469\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-25 12:19:14\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nNon-destructive vulnerability scanner for NGINX HTTP/3 (ngx_http_v3_module). It ONLY performs a safe probe: opens an HTTP/3 (QUIC) connection, sends a single HEAD request and inspects the `Server` response header. It NEVER attempts to reopen a QPACK encoder stream or trigger the use-after-free.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-13T22:00:18.574584Z"}, {"uuid": "4ef68d1d-48c0-4e6e-934a-175c27981009", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://t.me/GithubRedTeam/89682", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-42530\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a v4ltonn\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 1  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-19 19:38:15\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nScanner PoC for CVE-2026-42530 -- nginx 1.31.0-1.31.1 HTTP/3 QPACK encoder stream Use-After-Free (CVSS 9.2)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-13T22:00:22.828078Z"}, {"uuid": "8144a90e-12ba-412a-9ea4-78e5a4f39209", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://t.me/GithubRedTeam/89690", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-42530\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a 0xBlackash\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-19 20:54:44\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-42530\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-13T22:00:22.450002Z"}, {"uuid": "302e8b0c-efbe-4f2d-99ab-af75b8fcd6e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4253", "type": "seen", "source": "https://t.me/GithubRedTeam/90566", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-4253-Scanner\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a renzi25031469\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-25 12:19:14\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nNon-destructive vulnerability scanner for NGINX HTTP/3 (ngx_http_v3_module). It ONLY performs a safe probe: opens an HTTP/3 (QUIC) connection, sends a single HEAD request and inspects the `Server` response header. It NEVER attempts to reopen a QPACK encoder stream or trigger the use-after-free.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-14T00:00:34.849099Z"}, {"uuid": "820a4440-2d09-4f60-a643-1287a1164969", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://t.me/GithubRedTeam/89690", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-42530\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a 0xBlackash\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-19 20:54:44\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-42530\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-14T00:00:38.260370Z"}, {"uuid": "745b9d69-3eec-4958-a9f5-c5edafe57010", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://t.me/GithubRedTeam/89682", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-42530\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a v4ltonn\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 1  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-19 19:38:15\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nScanner PoC for CVE-2026-42530 -- nginx 1.31.0-1.31.1 HTTP/3 QPACK encoder stream Use-After-Free (CVSS 9.2)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-14T00:00:38.619606Z"}, {"uuid": "cf7ad02d-006a-44e5-bc27-d6a335e37664", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://t.me/bdufstecru/3257", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0434\u0443\u043b\u044f ngx_http_v3_module HTTP-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 NGINX Open Source, \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438 NGINX Ingress Controller, \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 NGINX Gateway Fabric, \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438 NGINX Instance Manager \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043e\u0431\u043e\u0439\u0442\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0438\u043b\u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438\n\nBDU:2026-08509\nCVE-2026-42530\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://my.f5.com/manage/s/article/K000161616", "creation_timestamp": "2026-07-14T01:00:06.023285Z"}, {"uuid": "031f8e77-cb90-48b2-a6dc-2b72b514fc30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/89682", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-42530\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a v4ltonn\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 1  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-19 19:38:15\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nScanner PoC for CVE-2026-42530 -- nginx 1.31.0-1.31.1 HTTP/3 QPACK encoder stream Use-After-Free (CVSS 9.2)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-15T00:00:17.836852Z"}, {"uuid": "d8bbb671-1a0f-4ea6-9d3c-d52f9535dcde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://t.me/GithubRedTeam/89690", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-42530\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a 0xBlackash\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-19 20:54:44\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-42530\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-15T00:00:18.232641Z"}, {"uuid": "c26d8073-f9b8-43d4-a484-614128895a39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4253", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/90566", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-4253-Scanner\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a renzi25031469\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-25 12:19:14\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nNon-destructive vulnerability scanner for NGINX HTTP/3 (ngx_http_v3_module). It ONLY performs a safe probe: opens an HTTP/3 (QUIC) connection, sends a single HEAD request and inspects the `Server` response header. It NEVER attempts to reopen a QPACK encoder stream or trigger the use-after-free.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-15T00:00:21.197794Z"}, {"uuid": "93d5dde3-b822-4684-8f8a-4115bf882cff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://t.me/bdufstecru/3257", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0434\u0443\u043b\u044f ngx_http_v3_module HTTP-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 NGINX Open Source, \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438 NGINX Ingress Controller, \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 NGINX Gateway Fabric, \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438 NGINX Instance Manager \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043e\u0431\u043e\u0439\u0442\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0438\u043b\u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438\n\nBDU:2026-08509\nCVE-2026-42530\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://my.f5.com/manage/s/article/K000161616", "creation_timestamp": "2026-07-15T00:00:34.478165Z"}, {"uuid": "850fa5dc-ae48-44a4-aaef-ff2b3324765f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://t.me/thehackernews/9278", "content": "\ud83d\udea8 Two critical NGINX flaws can lead to remote code execution.\n\nF5 has patched:\n\u2022 CVE-2026-42530 (HTTP/3 use-after-free)\n\u2022 CVE-2026-42055 (HTTP/2 heap buffer overflow)\n\nBoth require specific configurations and ASLR bypass conditions.\n\nDetails here \u2192 https://thehackernews.com/2026/06/f5-patches-two-critical-nginx-open.html", "creation_timestamp": "2026-07-15T12:00:04.674060Z"}, {"uuid": "d282b1d8-6d44-4cf2-a0d3-d2c381e3a0ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://t.me/thehackernews/9290", "content": "Update: the critical NGINX flaws now have a clearer technical path.\n\nCVE-2026-42530 comes down to an HTTP/3 lifetime mismatch that can leave a freed stream pointer treated as valid.\n\nCVE-2026-42055 lets oversized HPACK data write past its buffer, causing unauthenticated worker crashes.\n\nPatch or apply mitigations.\n\nRead: https://thehackernews.com/2026/06/f5-patches-two-critical-nginx-open.html", "creation_timestamp": "2026-07-15T12:00:04.287507Z"}, {"uuid": "61eff754-6833-4f3c-b2f8-15e062127959", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42533", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqp35imbr32a", "content": "CVE-2026-42533\nNGINX web servers are at risk of crashing or being exploited by attackers if they use a specific configuration. An attacker can send a specially crafted HTTP request, causing the server to restart or\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-15T15:50:05.029977Z"}, {"uuid": "fd5fe5cc-fc57-4564-81ae-ac624f796f6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42533", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/116925017337379554", "content": "That's a lot of Fixes introduced in: NONE.\nhttps://my.f5.com/manage/s/article/K000162097\n\nA vulnerability exists in NGINX Plus and NGINX Open Source when a map directive uses regex matching and a string expression references the map's regex capture variables before referencing the map output variable. Alternatively, the same result could be achieved by using a non-cacheable variable in a string expression under certain conditions. An unauthenticated attacker along with conditions beyond their control can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, attackers can execute code on systems with Address Space Layout Randomization (ASLR) disabled or when the attacker can bypass ASLR. (CVE-2026-42533)\nhttps://my.f5.com/manage/s/article/K000162097", "creation_timestamp": "2026-07-15T16:49:36.478685Z"}, {"uuid": "1b087103-678b-4ec2-8882-cfabc2bb4b94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42533", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqpauojijv2m", "content": "CVE-2026-42533 - NGINX Map directive and Regex matching vulnerability\nCVE ID : CVE-2026-42533\n \n Published : July 15, 2026, 2:33 p.m. | 43\u00a0minutes ago\n \n Description : A vulnerability exists in NGINX Plus and NGINX Open Source when a map\u00a0directive uses regex matching and a str...", "creation_timestamp": "2026-07-15T17:32:31.803938Z"}, {"uuid": "fd658d13-ce45-42e4-8f0c-ed3b6ef5dd7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42533", "type": "seen", "source": "https://bsky.app/profile/selfhost.directory/post/3mqpcouovz52f", "content": "\ud83d\ude80 New #release \u00b7 NGINX release-1.30.4\n\nnginx-1.30.4 stable version has been released, with fixes for buffer overflow vulnerability when using map with regex (CVE-2026-42533), memor\u2026\n\nCheck and #self-host it \u2192 selfhost.directory/project/nginx#update-5055825\n\n#selfhost #selfhosted #homelab #opensource", "creation_timestamp": "2026-07-15T18:05:05.039133Z"}, {"uuid": "d6cb6435-19b0-422c-9db8-746b08a4aeba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mqpi3q3fx22o", "content": "\u300cnginx\u300d\u306b\u8907\u6570\u306e\u30af\u30ea\u30c6\u30a3\u30ab\u30eb\u8106\u5f31\u6027 - \u4fee\u6b63\u7248\u304c\u516c\u958b\n\n\u30a6\u30a7\u30d6\u30b5\u30fc\u30d0\u300cnginx\u300d\u306b\u8907\u6570\u306e\u8106\u5f31\u6027\u304c\u660e\u3089\u304b\u3068\u306a\u3063\u305f\u3002\u6709\u511f\u7248\u3001\u30aa\u30fc\u30d7\u30f3\u30bd\u30fc\u30b9\u7248\u306e\u3044\u305a\u308c\u3082\u5f71\u97ff\u3092\u53d7\u3051\u308b\u3002\n\nF5\u306f\u73fe\u5730\u6642\u95932026\u5e746\u670817\u65e5\u306b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c9\u30d0\u30a4\u30b6\u30ea\u3092\u516c\u958b\u3057\u30013\u4ef6\u306e\u8106\u5f31\u6027\u300cCVE-2026-42055\u300d\u300cCVE-2026-42530\u300d\u300cCVE-2026-48142\u300d\u3092\u660e\u3089\u304b\u306b\u3057\u305f\u3002\n\n\u300cCVE-2026-42055\u300d\u306f\u3001\u300cproxy\u300d\u300cgrpc\u300d\u30e2\u30b8\u30e5\u30fc\u30eb\u306b\u78ba\u8a8d\u3055\u308c\u305f\u30d2\u30fc\u30d7\u30d9\u30fc\u30b9\u306e\u30d0\u30c3\u30d5\u30a1\u30aa\u30fc\u30d0\u30fc\u30d5\u30ed\u30fc\u306e\u8106\u5f31\u6027\u3002\u7279\u5b9a\u306e\u69cb\u6210\u3068\u3057\u305f\u5834\u5408\u306b\u5f71\u97ff\u3092\u53d7\u3051\u308b\u3002\u60aa\u7528\u3055\u308c\u308b\u3068\u30ef\u30fc\u30ab\u30fc\u30d7\u30ed\u30bb\u30b9\u306e\u518d\u8d77\u52d5\u3092\u5f15\u304d\u8d77\u3053\u3057\u305f\u308a\u3001\u30e1\u30e2...", "creation_timestamp": "2026-07-15T19:41:45.356590Z"}, {"uuid": "58c70452-5f22-41cd-853d-a51a0bbe1bb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mqpji372sc2o", "content": "F5\u793e\u3001NGINX\u306e\u91cd\u5927\u306a\u8106\u5f31\u6027\u306b\u5bfe\u3059\u308b\u5e2f\u57df\u5916\u30d1\u30c3\u30c1\u3092\u30ea\u30ea\u30fc\u30b9\n\n\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u4f01\u696d\u306eF5\u306f\u3001NGINX\u30a6\u30a7\u30d6\u30b5\u30fc\u30d0\u30fc\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u5bfe\u51e6\u3059\u308b\u305f\u3081\u3001\u5e2f\u57df\u5916\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3092\u30ea\u30ea\u30fc\u30b9\u3057\u305f\u3002\u3053\u308c\u306b\u306f\u3001\u653b\u6483\u8005\u304c\u8106\u5f31\u306a\u30b7\u30b9\u30c6\u30e0\u4e0a\u3067\u30b3\u30fc\u30c9\u3092\u5b9f\u884c\u3067\u304d\u308b\u53ef\u80fd\u6027\u306e\u3042\u308b\u30012\u3064\u306e\u91cd\u5927\u306a\u6b20\u9665\u304c\u542b\u307e\u308c\u3066\u3044\u308b\u3002\n\n2\u3064\u306e\u91cd\u5927\u306a\u8106\u5f31\u6027\u306f\u3001ngx_http_v3_module\uff08CVE-2026-42530\uff09\u3068ngx_http_proxy_v2_module\u304a\u3088\u3073ngx_http_grpc_module\uff08CVE-2026-42055\uff09\u3067\u767a\u898b\u3055\u308c\u3001\u8a8d\u8a3c\u3055\u308c\u3066\u3044\u306a\u3044\u30ea\u30e2\u30fc\u30c8\u653b\u6483\u8005\u306b\u3088\u3063\u3066\u60aa\u7528\u3055\u308c\u3001\u30c7\u30d5\u30a9\u30eb\u30c8\u4ee5...", "creation_timestamp": "2026-07-15T20:06:38.193612Z"}, {"uuid": "e5ecb463-4c09-425e-b3d0-b9677e75323e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "published-proof-of-concept", "source": "https://t.me/thehackernews/9290", "content": "Update: the critical NGINX flaws now have a clearer technical path.\n\nCVE-2026-42530 comes down to an HTTP/3 lifetime mismatch that can leave a freed stream pointer treated as valid.\n\nCVE-2026-42055 lets oversized HPACK data write past its buffer, causing unauthenticated worker crashes.\n\nPatch or apply mitigations.\n\nRead: https://thehackernews.com/2026/06/f5-patches-two-critical-nginx-open.html", "creation_timestamp": "2026-07-16T00:00:10.681866Z"}, {"uuid": "357d7c6e-f325-443b-a7ec-0c2a3f17a166", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://t.me/thehackernews/9278", "content": "\ud83d\udea8 Two critical NGINX flaws can lead to remote code execution.\n\nF5 has patched:\n\u2022 CVE-2026-42530 (HTTP/3 use-after-free)\n\u2022 CVE-2026-42055 (HTTP/2 heap buffer overflow)\n\nBoth require specific configurations and ASLR bypass conditions.\n\nDetails here \u2192 https://thehackernews.com/2026/06/f5-patches-two-critical-nginx-open.html", "creation_timestamp": "2026-07-16T01:00:06.287858Z"}, {"uuid": "5626e7e7-0605-4f8b-bf9b-ff0934afe5c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42533", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mqq5jnrowx2a", "content": "F5 patched the NGINX code execution flaw CVE-2026-42533, along with CVE-2026-60005 and CVE-2026-56434. Update NGINX Plus and Open Source builds now.\n\n#NGINX #CVE202642533 #CodeExecution #F5 #Vulnerability", "creation_timestamp": "2026-07-16T02:05:21.284846Z"}, {"uuid": "b380de32-1dcc-4660-b4c3-7c34c829f231", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42533", "type": "seen", "source": "https://bsky.app/profile/thecybersecguru.com/post/3mqqn6zxtcf22", "content": "F5 Patches High-Severity NGINX Vulnerabilities That Could Lead to Code\u00a0Execution\n\nF5 patches three high-severity NGINX vulnerabilities, including CVE-2026-42533, that could enable memory corruption, crashes, and code\u2026\n\nhttps://thecybersecguru.com/news/f5-nginx-vulnerabilities-code-execution/", "creation_timestamp": "2026-07-16T06:45:44.354072Z"}, {"uuid": "79860c2e-2130-4856-b568-2924c0c6d1bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42533", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mqrc4ik4ie2t", "content": "\ud83d\udd17 CVE : CVE-2026-42533, CVE-2026-46333, CVE-2026-52865, CVE-2026-55723, CVE-2026-56434, CVE-2026-59762, CVE-2026-60005, CVE-2026-60062, CVE-2026-60065", "creation_timestamp": "2026-07-16T13:00:07.340450Z"}, {"uuid": "bf94b4a3-8ebd-4a07-9283-151ff3b69eb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mqrcfl6mb22y", "content": "F5\u793e\u3001\u8a8d\u8a3c\u306a\u3057\u3067\u306e\u30b3\u30fc\u30c9\u5b9f\u884c\u3092\u53ef\u80fd\u306b\u3059\u308bNGINX\u306e\u91cd\u5927\u306a\u8106\u5f31\u6027\u306b\u5bfe\u3059\u308b\u30d1\u30c3\u30c1\u3092\u63d0\u4f9b\n\nF5\u306f\u3001\u8907\u6570\u306eNGINX\u306e\u8106\u5f31\u6027\u306b\u5bfe\u3059\u308b\u5e2f\u57df\u5916\u30d1\u30c3\u30c1\u3092\u30ea\u30ea\u30fc\u30b9\u3057\u307e\u3057\u305f\u3002\u3053\u308c\u306b\u306f\u3001\u305d\u308c\u305e\u308cCVE-2026-42530\u304a\u3088\u3073CVE-2026-42055\uff08CVSS 9.2\uff09\u3068\u3057\u3066\u8ffd\u8de1\u3055\u308c\u3066\u3044\u308b2\u3064\u306e\u91cd\u5927\u306a\u8106\u5f31\u6027\u304c\u542b\u307e\u308c\u307e\u3059\u3002\u3053\u308c\u3089\u306e\u30d0\u30b0\u306fHTTP\u30e2\u30b8\u30e5\u30fc\u30eb\u306b\u5f71\u97ff\u3092\u4e0e\u3048\u3001\u8a8d\u8a3c\u306a\u3057\u3067\u30ea\u30e2\u30fc\u30c8\u304b\u3089\u60aa\u7528\u3055\u308c\u3001\u30e1\u30e2\u30ea\u7834\u640d\u3092\u5f15\u304d\u8d77\u3053\u3057\u3001\u30b5\u30fc\u30d3\u30b9\u306e\u518d\u8d77\u52d5\u3084\u4efb\u610f\u306e\u30b3\u30fc\u30c9\u5b9f\u884c\u306b\u3064\u306a\u304c\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002\n\nCVE-2026-42530\uff08CVSS\u30b9\u30b3\u30a29.2\uff09\u306f\u3001NGINX\u30aa\u30fc\u30d7\u30f3\u30bd\u30fc\u30b9\u306engx_http_v3_mod...", "creation_timestamp": "2026-07-16T13:05:14.308854Z"}, {"uuid": "f76e91c4-869b-4601-bb06-3bbf141a257a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42530", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mqrdluvyp22y", "content": "F5\u793e\u3001\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u3092\u53ef\u80fd\u306b\u3059\u308bNGINX\u30aa\u30fc\u30d7\u30f3\u30bd\u30fc\u30b9\u306e\u91cd\u5927\u306a\u8106\u5f31\u60272\u4ef6\u3092\u4fee\u6b63\n\nF5\u306f\u3001NGINX\u30aa\u30fc\u30d7\u30f3\u30bd\u30fc\u30b9\u7248\u306b\u5b58\u5728\u3059\u308b2\u3064\u306e\u91cd\u5927\u306a\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u4e0a\u306e\u6b20\u9665\u306b\u5bfe\u51e6\u3059\u308b\u305f\u3081\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3092\u30ea\u30ea\u30fc\u30b9\u3057\u307e\u3057\u305f\u3002\u3053\u308c\u3089\u306e\u6b20\u9665\u306f\u60aa\u7528\u3055\u308c\u308b\u3068\u3001\u5f71\u97ff\u3092\u53d7\u3051\u308b\u30b7\u30b9\u30c6\u30e0\u4e0a\u3067\u30b3\u30fc\u30c9\u5b9f\u884c\u304c\u53ef\u80fd\u306b\u306a\u308b\u6050\u308c\u304c\u3042\u308a\u307e\u3057\u305f\u3002\n\n\u8106\u5f31\u6027\u306f\u4ee5\u4e0b\u306e\u3068\u304a\u308a\u3067\u3059\u3002\n\nCVE-2026-42530 (CVSS v4 \u30b9\u30b3\u30a2: 9.2) - ngx_http_v3_module \u306e use-after-free \u8106\u5f31\u6027\u3002NGINX Open Source \u304c HTTP/3 QUIC \u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u4f7f\u7528\u3057\u3066 QP...", "creation_timestamp": "2026-07-16T13:26:42.404334Z"}, {"uuid": "721a8ffb-11e8-4500-b0b0-cce7c5fb7654", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42533", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mqrfi7yo4j2y", "content": "F5 issued an out-of-band patch for 8 NGINX and BIG-IP flaws, including CVE-2026-42533, a critical heap buffer overflow in NGINX Plus and Open Source, plus high-severity issues in Ingress Controller and BIG-IP. #NGINX #BIGIP #CVE202642533", "creation_timestamp": "2026-07-16T14:00:22.770755Z"}, {"uuid": "680efff5-2506-43c2-8ed5-e492da8d922f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42533", "type": "seen", "source": "https://bsky.app/profile/modat-io.bsky.social/post/3mqrgpybos22c", "content": "\u26a0\ufe0f F5 patched 3 memory-safety flaws in NGINX incl. CVE-2026-42533 (CVSS 9.2) is a heap overflow via the map directive that crafted HTTP requests can trigger, with possible code exec if ASLR is off; plus an SSI use-after-free &amp; a slice memory leak. Upgrade now to 1.31.3. Query: technology=\"Nginx\"", "creation_timestamp": "2026-07-16T14:22:42.001223Z"}, {"uuid": "5da057ef-3194-4b9c-89ab-1ffd7f4c554a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42533", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116930842661837024", "content": "Our CTI team identified a lot of activities targeting F5 NGINX Plus and NGINX Open Source (CVE-2026-42533) https://vuldb.com/vuln/379270/cti", "creation_timestamp": "2026-07-16T17:31:03.486418Z"}, {"uuid": "f5fee75f-ae7a-4ea4-9707-8ab57789d230", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4253", "type": "seen", "source": "Telegram/NIC1pSer4wUaPF8vYCXT8yimUdczJT6s6FIEEKYD8WYc7m4", "content": "", "creation_timestamp": "2026-07-16T19:00:31.648495Z"}, {"uuid": "7d60cebf-459e-4183-876e-5abe60a56f81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42533", "type": "seen", "source": "https://t.me/true_secator/8417", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0443\u0433\u0440\u043e\u0437\u044b:\n\n1. Zoom \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0435\u043c \u043d\u0430\u0441\u0442\u043e\u043b\u044c\u043d\u043e\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u0435 \u0438 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0442\u0435 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u041f\u041e \u0434\u043b\u044f Windows, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043b\u0438\u0446\u043e\u043c \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439.\n\nCVE-2026-53412 (CVSS 9,8) \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Zoom Workplace \u0434\u043b\u044f Windows \u0432\u0435\u0440\u0441\u0438\u0439 \u0434\u043e 7.0.0, Windows VDI Client \u0432\u0435\u0440\u0441\u0438\u0439 \u0434\u043e 7.0.10, 6.6.15 \u0438 6.5.18, \u0430 \u0442\u0430\u043a\u0436\u0435 Meeting SDK \u0434\u043b\u044f Windows \u0432\u0435\u0440\u0441\u0438\u0439 \u0434\u043e 7.0.0.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043d\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439, \u0430 \u043b\u0438\u0448\u044c \u043e\u043f\u0438\u0441\u0430\u043b \u0435\u0433\u043e \u043a\u0430\u043a \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n2. Splunk \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432. \u0418\u0437 \u043f\u044f\u0442\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u0439 \u0442\u043e\u043b\u044c\u043a\u043e \u0442\u0440\u0438 \u043a\u0430\u0441\u0430\u044e\u0442\u0441\u044f \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445, \u0434\u0432\u0430 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 \u0434\u0435\u0441\u044f\u0442\u043a\u0438 \u043e\u0448\u0438\u0431\u043e\u043a \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432.\n\n\u041a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c, \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440\u043d\u044b\u043c \u0434\u043b\u044f Splunk, \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f CVE-2026-20296 (\u043e\u0431\u0445\u043e\u0434 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0437\u0430\u0449\u0438\u0442\u044b \u043a\u043e\u043c\u0430\u043d\u0434 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438), CVE-2026-20297 (\u043e\u0431\u0445\u043e\u0434 \u043f\u0443\u0442\u0438 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438) \u0438 CVE-2026-20298 (\u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438).\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0447\u0435\u0442\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u0438 \u0434\u0430\u043d\u043d\u044b\u043c, \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c\u043e\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0438 \u043f\u0440\u043e\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u0442\u044c \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0435 \u0445\u044d\u0448\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n3. F5 \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u043e \u0432\u043d\u0435\u043f\u043e\u043b\u043e\u0441\u043d\u043e\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0435\u043c \u0432\u043e\u0441\u0435\u043c\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 NGINX \u0438 BIG-IP.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c - CVE-2026-42533 (CVSS 9.2), \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432 NGINX Plus \u0438 NGINX Open Source, \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432, \u0432\u044b\u0437\u044b\u0432\u0430\u044e\u0449\u0438\u0445 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u043a\u0443\u0447\u0438 \u0438 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u043a \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 NGINX.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. F5 \u043d\u0435 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u0442 \u043e \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n\n4. \u0412 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435 \u0418\u0411-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Trend Micro, ESET, Tenable \u0438 Tanium \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \n\nTenable\u00a0\u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438 \u0432 Tenable Agent. CVE-2026-15265 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430.\n\nESET\u00a0\u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0435 Inspect Connector \u0434\u043b\u044f Windows, \u0430 Tanium\u00a0- \u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 DoS, \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0432\u0448\u0435\u0439 Tanium Server.\n\nTrend Micro\u00a0\u043e\u0431\u0440\u0430\u0434\u043e\u0432\u0430\u043b\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Cleaner One Pro \u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u0444\u0430\u0439\u043b\u044b Trend Micro, \u0438\u043c\u0435\u044e\u0449\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438.\n\n5. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Bitdefender \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0442\u0440\u0438 \u043c\u0435\u0442\u043e\u0434\u0430 \u0430\u0442\u0430\u043a, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u044f\u0437\u043a\u0443 \u0441\u0441\u044b\u043b\u043e\u043a Windows \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 EDR.\n\n6. Positive Technologies \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0430 \u0441\u0432\u043e\u0439 \u0438\u044e\u043b\u044c\u0441\u043a\u0438\u0439 \u00ab\u0412 \u0442\u0440\u0435\u043d\u0434\u0435 VM\u00bb, \u043e\u0442\u043c\u0435\u0442\u0438\u0432 \u0432 \u043d\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Microsoft Exchange Server (CVE-2026-42897, CVSS 8,1)\n\n7. \u041d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u044b\u043b\u0435\u0441\u043e\u0441\u0435 Shark \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u0435 \u043f\u044b\u043b\u0435\u0441\u043e\u0441\u044b \u0432 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u0430\u0445 \u0432\u0441\u0435\u0433\u043e \u0440\u0435\u0433\u0438\u043e\u043d\u0430.\n\n8. \u0412 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a \u0432 \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 Node (npm) \u0431\u044b\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u044b \u043f\u044f\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 AsyncAPI (\u0441\u0443\u043c\u043c\u0430\u0440\u043d\u043e\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0435\u0436\u0435\u043d\u0435\u0434\u0435\u043b\u044c\u043d\u044b\u0445 \u0437\u0430\u0433\u0440\u0443\u0437\u043e\u043a \u043f\u0440\u0435\u0432\u044b\u0441\u0438\u043b\u043e 2,25 \u043c\u043b\u043d.), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u0442\u0440\u043e\u044f\u043d \u0441 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438 \u043a\u0440\u0430\u0436\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.", "creation_timestamp": "2026-07-16T19:00:32.040737Z"}, {"uuid": "020b54f0-1f8a-493e-87e8-97da147b5c06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4253", "type": "seen", "source": "Telegram/NIC1pSer4wUaPF8vYCXT8yimUdczJT6s6FIEEKYD8WYc7m4", "content": "", "creation_timestamp": "2026-07-17T00:00:48.535748Z"}, {"uuid": "b39ee94e-4ea1-47a0-ac24-bba6e4b23919", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42533", "type": "seen", "source": "https://t.me/true_secator/8417", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0443\u0433\u0440\u043e\u0437\u044b:\n\n1. Zoom \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0435\u043c \u043d\u0430\u0441\u0442\u043e\u043b\u044c\u043d\u043e\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u0435 \u0438 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0442\u0435 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u041f\u041e \u0434\u043b\u044f Windows, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043b\u0438\u0446\u043e\u043c \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439.\n\nCVE-2026-53412 (CVSS 9,8) \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Zoom Workplace \u0434\u043b\u044f Windows \u0432\u0435\u0440\u0441\u0438\u0439 \u0434\u043e 7.0.0, Windows VDI Client \u0432\u0435\u0440\u0441\u0438\u0439 \u0434\u043e 7.0.10, 6.6.15 \u0438 6.5.18, \u0430 \u0442\u0430\u043a\u0436\u0435 Meeting SDK \u0434\u043b\u044f Windows \u0432\u0435\u0440\u0441\u0438\u0439 \u0434\u043e 7.0.0.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043d\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439, \u0430 \u043b\u0438\u0448\u044c \u043e\u043f\u0438\u0441\u0430\u043b \u0435\u0433\u043e \u043a\u0430\u043a \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n2. Splunk \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432. \u0418\u0437 \u043f\u044f\u0442\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u0439 \u0442\u043e\u043b\u044c\u043a\u043e \u0442\u0440\u0438 \u043a\u0430\u0441\u0430\u044e\u0442\u0441\u044f \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445, \u0434\u0432\u0430 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 \u0434\u0435\u0441\u044f\u0442\u043a\u0438 \u043e\u0448\u0438\u0431\u043e\u043a \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432.\n\n\u041a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c, \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440\u043d\u044b\u043c \u0434\u043b\u044f Splunk, \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f CVE-2026-20296 (\u043e\u0431\u0445\u043e\u0434 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0437\u0430\u0449\u0438\u0442\u044b \u043a\u043e\u043c\u0430\u043d\u0434 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438), CVE-2026-20297 (\u043e\u0431\u0445\u043e\u0434 \u043f\u0443\u0442\u0438 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438) \u0438 CVE-2026-20298 (\u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438).\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0447\u0435\u0442\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u0438 \u0434\u0430\u043d\u043d\u044b\u043c, \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c\u043e\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0438 \u043f\u0440\u043e\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u0442\u044c \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0435 \u0445\u044d\u0448\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n3. F5 \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u043e \u0432\u043d\u0435\u043f\u043e\u043b\u043e\u0441\u043d\u043e\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0435\u043c \u0432\u043e\u0441\u0435\u043c\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 NGINX \u0438 BIG-IP.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c - CVE-2026-42533 (CVSS 9.2), \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432 NGINX Plus \u0438 NGINX Open Source, \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432, \u0432\u044b\u0437\u044b\u0432\u0430\u044e\u0449\u0438\u0445 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u043a\u0443\u0447\u0438 \u0438 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u043a \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 NGINX.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. F5 \u043d\u0435 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u0442 \u043e \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n\n4. \u0412 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435 \u0418\u0411-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Trend Micro, ESET, Tenable \u0438 Tanium \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \n\nTenable\u00a0\u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438 \u0432 Tenable Agent. CVE-2026-15265 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430.\n\nESET\u00a0\u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0435 Inspect Connector \u0434\u043b\u044f Windows, \u0430 Tanium\u00a0- \u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 DoS, \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0432\u0448\u0435\u0439 Tanium Server.\n\nTrend Micro\u00a0\u043e\u0431\u0440\u0430\u0434\u043e\u0432\u0430\u043b\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Cleaner One Pro \u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u0444\u0430\u0439\u043b\u044b Trend Micro, \u0438\u043c\u0435\u044e\u0449\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438.\n\n5. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Bitdefender \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0442\u0440\u0438 \u043c\u0435\u0442\u043e\u0434\u0430 \u0430\u0442\u0430\u043a, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u044f\u0437\u043a\u0443 \u0441\u0441\u044b\u043b\u043e\u043a Windows \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 EDR.\n\n6. Positive Technologies \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0430 \u0441\u0432\u043e\u0439 \u0438\u044e\u043b\u044c\u0441\u043a\u0438\u0439 \u00ab\u0412 \u0442\u0440\u0435\u043d\u0434\u0435 VM\u00bb, \u043e\u0442\u043c\u0435\u0442\u0438\u0432 \u0432 \u043d\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Microsoft Exchange Server (CVE-2026-42897, CVSS 8,1)\n\n7. \u041d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u044b\u043b\u0435\u0441\u043e\u0441\u0435 Shark \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u0435 \u043f\u044b\u043b\u0435\u0441\u043e\u0441\u044b \u0432 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u0430\u0445 \u0432\u0441\u0435\u0433\u043e \u0440\u0435\u0433\u0438\u043e\u043d\u0430.\n\n8. \u0412 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a \u0432 \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 Node (npm) \u0431\u044b\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u044b \u043f\u044f\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 AsyncAPI (\u0441\u0443\u043c\u043c\u0430\u0440\u043d\u043e\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0435\u0436\u0435\u043d\u0435\u0434\u0435\u043b\u044c\u043d\u044b\u0445 \u0437\u0430\u0433\u0440\u0443\u0437\u043e\u043a \u043f\u0440\u0435\u0432\u044b\u0441\u0438\u043b\u043e 2,25 \u043c\u043b\u043d.), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u0442\u0440\u043e\u044f\u043d \u0441 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438 \u043a\u0440\u0430\u0436\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.", "creation_timestamp": "2026-07-17T00:00:48.947097Z"}, {"uuid": "ef871d53-4264-4bad-bf64-5799ef523eaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42533", "type": "seen", "source": "https://bsky.app/profile/bootintel.bsky.social/post/3mqsh6qbxvr2p", "content": "HIGH severity CVE just published in nginx:\n\nCVE-2026-42533. A vulnerability exists in NGINX Plus and NGINX Open Source when a map directive uses regex matching and a string expression references the map's regex capture variables before referencing\u2026\n\nnvd.nist.gov/vuln/detail/CVE-2026-42533", "creation_timestamp": "2026-07-17T00:03:31.136676Z"}, {"uuid": "5e94e858-64aa-4e20-92f6-7e8cf3d15c96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42533", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mqswxbzsby2v", "content": "Top 3 CVE for last 7 days:\nCVE-2026-15409: 18 interactions\nCVE-2026-44747: 14 interactions\nCVE-2026-20262: 13 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-46817: 5 interactions\nCVE-2026-20253: 4 interactions\nCVE-2026-42533: 4 interactions\n", "creation_timestamp": "2026-07-17T04:45:41.201733Z"}, {"uuid": "2c42ff41-84f5-4cc2-b69e-b9048f7a335d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42533", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqu2fohrzs2e", "content": "CVE-2026-42533 - nginx\nNGINX servers may leak sensitive configuration data. This can happen when attackers exploit a specific configuration setting. To protect your NGINX servers, review\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#nginx #canonical #UbuntuPro1404LTS #CVE #infosec", "creation_timestamp": "2026-07-17T15:20:08.379725Z"}]}