High8.1Red Hat & Ubuntu Linux
code execution and denial of service
CVE-2026-9256 Published May 22, 2026
CVE-2026-9256
Affected products & platforms
Red Hat & Ubuntu LinuxUnclassified
Summary
code execution and denial of service. Red Hat rates this important (CVSS 8.1). Weakness: CWE-122. Affected package(s): nginx, nginx:1.26, nginx-main, nginx:1.24, discovery/discovery-ui-rhel9:1782756541. Resolved in Red Hat advisory RHSA-2026:29874 — update the affected packages (`sudo dnf update`).
Affected versions
- nginx-2:1.20.1-28.el9_8.3
- nginx:1.26-9080020260609152155.9
- nginx-main-1.30.2-1.hum1
- nginx:1.24-9080020260610161820.9
- discovery/discovery-ui-rhel9:1782756541
- nginx-2:1.26.3-6.el10_2.4
- nginx:1.24-8100020260611094050.489197e6
Official advisory · high-confidence parse· fetched 5 hours ago·verify at source
Fixed versions
- RHSA-2026:29874
Official advisory · high-confidence parse· fetched 5 hours ago·verify at source
Mitigation checklist
Recommended fix / mitigation
- Update the affected package(s) to the fixed version shipped in RHSA-2026:29874 (`sudo dnf update` / `yum update`).
Official advisory · high-confidence parse· fetched 5 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.