CVE-2026-42533: Critical NGINX Map Regex Flaw Can Trigger Heap Buffer Overflow and Possible RCE
F5 has disclosed multiple NGINX Vulnerabilities in an out-of-band security update, with CVE-2026-42533 standing out as one of the most dangerous issues in the batch. The flaw is a heap buffer overflow in NGINX’s handling of the map directive when regular expression matching references regex variables in a specific order. In vulnerable deployments, a remote […]