F5 NGINX – CVE-2026-32647
CVSS 7.8
IMPORTANT
“A flaw in how requests are handled can turn normal traffic into an attack vector.”
F5 addressed CVE-2026-32647 in NGINX Open Source, a high-severity vulnerability tied to HTTP request processing. The issue can be triggered through specially crafted requests, potentially leading to memory corruption, service crashes, or unintended behavior in affected systems.
CVE-2026-32647 has a CVSS score of 7.8, which is High severity. There is no verified evidence of active exploitation or publicly available proof-of-concept code. The patch improves request parsing and memory handling to prevent misuse and ensure stable operation under malicious input.
Key Details
- Affected Product
- F5 Nginx Plus
- Attack Vector
- Local
- Attack Complexity
- Low
- Privileges Required
- Low
- User Interaction
- None
- CWE Classification
- CWE-125
Patch this CVE on all your endpoints in under 5 minutes.
First 200 endpoints are free forever, scale as needed.