Infosecurity-magazine.com

Critical Nginx-ui MCP Flaw Actively Exploited in the Wild

A critical authentication bypass in nginx-ui, a widely used open-source web interface for managing nginx servers, has been actively exploited in the wild. The vulnerability, tracked as CVE-2026-33032 ...
Dark Reading

Critical MCP Integration Flaw Puts NGINX at Risk

Attackers are actively exploiting a critical flaw in the widely used nginx-ui interface for managing NGINX web servers. The flaw, tracked as CVE-2026-33032, (CVSS: 9.8) stems from nginx-ui's insecure ...
Bleeping Computer

Critical Nginx UI auth bypass flaw now actively exploited in the wild

A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full server takeover without authentication. The flaw, tracked as CVE-2026-33032, ...
heise online

Critical security vulnerability in Nginx UI closed again

Admins who use the Nginx UI web interface for their nginx-based web servers should update the software promptly. If they don't, attackers can exploit multiple security vulnerabilities and, in the ...