New NGINX Vulnerability Allow Remote Attackers to Trigger Malicious Code
Source: Cybersecuritynews
Published:
<p>A new vulnerability in NGINX JavaScript (njs), tracked as CVE‑2026‑8711, allows unauthenticated remote attackers to trigger a heap‑based buffer overflow that can lead to denial‑of‑service and, in some conditions, remote code execution in the NGINX worker process. The flaw is tied to how the js_fe