Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.1
nginx Web Server Security Update for Linux
RHSA-2026:17751
Summary
A security update is available for the nginx web server on Linux systems. This update addresses a potential security risk that could allow an attacker to execute unauthorized code. To ensure the security of your system, apply the update as soon as possible.
What to do
- Update redhat nginx to version 1:1.20.1-14.el9_2.6.
- Update redhat nginx-all-modules to version 1:1.20.1-14.el9_2.6.
- Update redhat nginx-core to version 1:1.20.1-14.el9_2.6.
- Update redhat nginx-core-debuginfo to version 1:1.20.1-14.el9_2.6.
- Update redhat nginx-debuginfo to version 1:1.20.1-14.el9_2.6.
- Update redhat nginx-debugsource to version 1:1.20.1-14.el9_2.6.
- Update redhat nginx-filesystem to version 1:1.20.1-14.el9_2.6.
- Update redhat nginx-mod-http-image-filter to version 1:1.20.1-14.el9_2.6.
- Update redhat nginx-mod-http-image-filter-debuginfo to version 1:1.20.1-14.el9_2.6.
- Update redhat nginx-mod-http-perl to version 1:1.20.1-14.el9_2.6.
- Update redhat nginx-mod-http-perl-debuginfo to version 1:1.20.1-14.el9_2.6.
- Update redhat nginx-mod-http-xslt-filter to version 1:1.20.1-14.el9_2.6.
- Update redhat nginx-mod-http-xslt-filter-debuginfo to version 1:1.20.1-14.el9_2.6.
- Update redhat nginx-mod-mail to version 1:1.20.1-14.el9_2.6.
- Update redhat nginx-mod-mail-debuginfo to version 1:1.20.1-14.el9_2.6.
- Update redhat nginx-mod-stream to version 1:1.20.1-14.el9_2.6.
- Update redhat nginx-mod-stream-debuginfo to version 1:1.20.1-14.el9_2.6.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Red Hat:rhel_e4s:9.2::appstream | redhat | nginx |
< 1:1.20.1-14.el9_2.6 Fix: upgrade to 1:1.20.1-14.el9_2.6
|
| Red Hat:rhel_e4s:9.2::appstream | redhat | nginx-all-modules |
< 1:1.20.1-14.el9_2.6 Fix: upgrade to 1:1.20.1-14.el9_2.6
|
| Red Hat:rhel_e4s:9.2::appstream | redhat | nginx-core |
< 1:1.20.1-14.el9_2.6 Fix: upgrade to 1:1.20.1-14.el9_2.6
|
| Red Hat:rhel_e4s:9.2::appstream | redhat | nginx-core-debuginfo |
< 1:1.20.1-14.el9_2.6 Fix: upgrade to 1:1.20.1-14.el9_2.6
|
| Red Hat:rhel_e4s:9.2::appstream | redhat | nginx-debuginfo |
< 1:1.20.1-14.el9_2.6 Fix: upgrade to 1:1.20.1-14.el9_2.6
|
| Red Hat:rhel_e4s:9.2::appstream | redhat | nginx-debugsource |
< 1:1.20.1-14.el9_2.6 Fix: upgrade to 1:1.20.1-14.el9_2.6
|
| Red Hat:rhel_e4s:9.2::appstream | redhat | nginx-filesystem |
< 1:1.20.1-14.el9_2.6 Fix: upgrade to 1:1.20.1-14.el9_2.6
|
| Red Hat:rhel_e4s:9.2::appstream | redhat | nginx-mod-http-image-filter |
< 1:1.20.1-14.el9_2.6 Fix: upgrade to 1:1.20.1-14.el9_2.6
|
| Red Hat:rhel_e4s:9.2::appstream | redhat | nginx-mod-http-image-filter-debuginfo |
< 1:1.20.1-14.el9_2.6 Fix: upgrade to 1:1.20.1-14.el9_2.6
|
| Red Hat:rhel_e4s:9.2::appstream | redhat | nginx-mod-http-perl |
< 1:1.20.1-14.el9_2.6 Fix: upgrade to 1:1.20.1-14.el9_2.6
|
| Red Hat:rhel_e4s:9.2::appstream | redhat | nginx-mod-http-perl-debuginfo |
< 1:1.20.1-14.el9_2.6 Fix: upgrade to 1:1.20.1-14.el9_2.6
|
| Red Hat:rhel_e4s:9.2::appstream | redhat | nginx-mod-http-xslt-filter |
< 1:1.20.1-14.el9_2.6 Fix: upgrade to 1:1.20.1-14.el9_2.6
|
| Red Hat:rhel_e4s:9.2::appstream | redhat | nginx-mod-http-xslt-filter-debuginfo |
< 1:1.20.1-14.el9_2.6 Fix: upgrade to 1:1.20.1-14.el9_2.6
|
| Red Hat:rhel_e4s:9.2::appstream | redhat | nginx-mod-mail |
< 1:1.20.1-14.el9_2.6 Fix: upgrade to 1:1.20.1-14.el9_2.6
|
| Red Hat:rhel_e4s:9.2::appstream | redhat | nginx-mod-mail-debuginfo |
< 1:1.20.1-14.el9_2.6 Fix: upgrade to 1:1.20.1-14.el9_2.6
|
| Red Hat:rhel_e4s:9.2::appstream | redhat | nginx-mod-stream |
< 1:1.20.1-14.el9_2.6 Fix: upgrade to 1:1.20.1-14.el9_2.6
|
| Red Hat:rhel_e4s:9.2::appstream | redhat | nginx-mod-stream-debuginfo |
< 1:1.20.1-14.el9_2.6 Fix: upgrade to 1:1.20.1-14.el9_2.6
|
Original title
Red Hat Security Advisory: nginx security update
osv CVSS3.1
8.1
- https://access.redhat.com/errata/RHSA-2026:17751 Vendor Advisory
- https://access.redhat.com/security/updates/classification/#critical Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2477116 Third Party Advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_17751.... Vendor Advisory
- https://access.redhat.com/security/cve/CVE-2026-42945 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-42945 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-42945 Vendor Advisory
- https://depthfirst.com/nginx-rift Third Party Advisory
- https://my.f5.com/manage/s/article/K000161019 Third Party Advisory
Published: 16 May 2026 · Updated: 21 May 2026 · First seen: 21 May 2026