GHSA SSRF via Cluster Proxy Middleware in nginx-ui Allows Access to Internal Services

github.com 2026-05-22查看中文 →

Security AdvisoryGHSA-wr32-99hh-6f35Highnginx-ui

Affected:

0xJacky/nginx-ui <= 2.3.4

Referenced CVEs: CVE-2026-44015 · 8.5

文章内图片已隐藏以节省流量 · Upgrade to Pro to view images & offline archive

This content was auto-fetched from github.com, cleaned by our LLM pipeline, and translated to English. View original.

More from this source

PressPrimer Plugin REST API IDOR Fix: Ownership Check Bypass in Quiz Items 2026-06-18 SQL Injection in bus_info.php: Analysis, POC, and Fix 2026-06-18 Typebot SSRF Vulnerability via DNS Rebinding Bypass (< 3.16.2) 2026-06-18 Typebot SSRF via IPv6 Unspecified Address (::) Fix Analysis 2026-06-18 Typebot Unauthenticated Arbitrary S3 Object Write via Unsanitized fileName (Stored XSS) 2026-06-18

Offline Archive

Offline screenshot & PDF are Pro-exclusive