VIR Vulnerability Intelligence Relay

Package impact

golang GO / github.com/0xJacky/Nginx-UI

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-44015 critical 9.9 9.9 16d ago Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services golang
CVE-2026-42221 critical 9.8 9.8 24d ago Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim golang
CVE-2026-34403 high 8.0 1mo ago Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints golang