NGINX Rift allows an unauthenticated attacker to crash a worker process, or potentially achieve remote code execution on hosts with ASLR disabled, by sending a single crafted HTTP request.
Help us test our patched nginx package: https://almalinux.org/blog/2026-05-13-nginx-rift-cve-2026-42945/
AlmaLinux
npub1ax…3lujq
2026-05-14 14:12:07 UTC
Author Public Key
npub1ax5chf02hudke2wumsdjujenxtpsxjg94qgqtk5zldezkw4xpt0sx3lujqSeen on
wss://relay.momostr.pinkPublished at
2026-05-14 14:12:07 UTCEvent JSON
{
"id": "a0c377054408f2d250b0cff2788575c9349ed6e91270bd6c6f668e0e0dbc0569",
"pubkey": "e9a98ba5eabf1b6ca9dcdc1b2e4b3332c3034905a81005da82fb722b3aa60adf",
"created_at": 1778767927,
"kind": 1,
"tags": [
[
"proxy",
"https://fosstodon.org/@almalinux/116573334888000280",
"web"
],
[
"proxy",
"https://fosstodon.org/users/almalinux/statuses/116573334888000280",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://fosstodon.org/users/almalinux/statuses/116573334888000280",
"pink.momostr"
],
[
"-"
]
],
"content": "NGINX Rift allows an unauthenticated attacker to crash a worker process, or potentially achieve remote code execution on hosts with ASLR disabled, by sending a single crafted HTTP request.\n\nHelp us test our patched nginx package: https://almalinux.org/blog/2026-05-13-nginx-rift-cve-2026-42945/",
"sig": "1a18a1c250b6afa7dfed6dcc877d98379c1718496b3316cb6b5b430f97deabc6033cff59b17f6b2271f2f1e3e615a80cffbdf1ed1d3ca888c811c42a991b40ac"
}