Critical Vulnerabilities Found in nginx Affecting openSUSE Leap 15.6

Severity: High (Score: 74.0)

Sources: Linuxsecurity

Summary

A significant update for nginx has been released to address multiple vulnerabilities affecting openSUSE Leap 15.6. The vulnerabilities include CVE-2026-1642, a plaintext data injection flaw, CVE-2026-27654, a buffer overflow in the NGINX worker process, CVE-2026-27784, which allows memory overread or overwrite through a crafted MP4 file, and CVE-2026-28753, which enables arbitrary header injection via an attacker-controlled DNS server. These vulnerabilities could potentially allow attackers to exploit systems running nginx, leading to data breaches or service disruptions. Users are advised to apply the patches immediately using recommended installation methods. The vulnerabilities were published between February and March 2026, with the first public proof of concept for CVE-2026-27654 released on April 7, 2026. The affected systems include various architectures of openSUSE and SUSE Linux Enterprise Server.

Key Points

  • Four critical vulnerabilities in nginx have been identified, affecting openSUSE Leap 15.6.
  • CVE-2026-27654 features a buffer overflow that can be exploited in the NGINX worker process.
  • Immediate patching is recommended to mitigate potential exploitation risks.

Key Entities

  • Man-in-the-Middle (attack_type)
  • CVE-2026-1642 (cve)
  • CVE-2026-27654 (cve)
  • CVE-2026-27784 (cve)
  • CVE-2026-28753 (cve)
  • CWE-120 - Classic Buffer Overflow (cwe)
  • CWE-125 - Out-of-bounds Read (cwe)
  • CWE-787 - Out-of-bounds Write (cwe)
  • T1557 - Adversary-in-the-Middle (mitre_attack)
  • Linux (platform)
  • Nginx (tool)