VIR Vulnerability Intelligence Relay

Package impact

golang Go / github.com/0xJacky/Nginx-UI

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-34403 high 8.0 1mo ago Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints golang
CVE-2026-42220 medium 6.5 6.5 24d ago Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback golang