NGINX Rift — LLM-Powered Researcher Finds 18-Year-Old RCE (CVSS 9.2) in 1/3 of All Websites

AI relevance: An LLM-powered vulnerability research platform from DepthFirst AI discovered four bugs in NGINX — including an 18-year-old unauthenticated RCE — proving that AI-assisted code analysis is now outpacing human audits on foundational infrastructure used by AI serving stacks.

What happened

  • Security startup DepthFirst AI disclosed CVE-2026-42945 (CVSS 9.2), dubbed "NGINX Rift" — a heap buffer overflow in the ngx_http_rewrite_module that has existed in NGINX since version 0.6.27 (2008).
  • The vulnerability was found using DepthFirst's LLM-powered research platform, which identified four bugs in NGINX total — including this critical RCE.
  • The flaw triggers when a rewrite directive is followed by a rewrite, if, or set directive with an unnamed PCRE capture group (e.g., $1) and a replacement string containing a question mark.
  • Exploitation causes a server crash (DoS) by default, and arbitrary code execution on systems with ASLR disabled.
  • NGINX powers nearly one-third of all websites and is commonly used as a reverse proxy and load balancer for AI model serving endpoints.
  • DepthFirst published a proof-of-concept exploit on GitHub, accelerating the urgency for patching.
  • Researchers note NGINX's multi-process architecture makes exploitation more reliable: crashing a worker simply spawns a new one with identical memory layout, enabling repeated exploitation attempts.

Why it matters

This is the latest example of AI-powered vulnerability research finding critical flaws that decades of human auditing missed. For AI infrastructure teams, NGINX is a core component in almost every model serving deployment — as a reverse proxy for vLLM, Triton, or custom API gateways. The rewrite directive patterns that trigger this bug are common in API gateway configurations for versioned model endpoints. A public PoC means exploitation is likely imminent.

What to do

  • Upgrade immediately: NGINX 1.31.0, 1.30.1, or NGINX Plus R36 P4 / R32 P6 / 37.0.0.
  • Check your rewrite rules: Any configuration using rewrite + set with PCRE captures and question marks in the replacement string is exploitable.
  • AI serving stacks: If you run NGINX in front of model serving (vLLM, Triton, etc.), treat this as P0 — model API gateways frequently use the exact rewrite patterns that trigger this vulnerability.
  • Note: Several F5 products based on NGINX (Instance Manager, WAF, Gateway Fabric, Ingress Controller) have not yet received patches — check vendor advisories.
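To make the "check your rewrite rules" step concrete, here is a small config-triage script (added here, not DepthFirst's or NGINX's code) that flags a `rewrite`, `if` or `set` directive referencing an unnamed capture (`$1`, `$2`, ...) after a `rewrite` in the same block whose replacement string contains `?`. It assumes the question mark belongs to the earlier rewrite's replacement and that "followed by" means any later directive in the same block, so it over-reports rather than under-reports; the sample config is constructed for illustration.

```python
import re

# Constructed sample config (not from the brief): the /api/ location matches
# the pattern the advisory summary describes, the /static/ location does not.
SAMPLE_CONF = """
server {
    location /api/ {
        rewrite ^/api/v1/models/([^/]+)$ /models/$1?version=1 last;
        set $model_name $1;    # reuses an unnamed capture after a '?' rewrite
    }
    location /static/ {
        rewrite ^/static/(.*)$ /assets/$1 break;
    }
}
"""

# Only these three directives are named in the advisory summary.
DIRECTIVE_RE = re.compile(r'^\s*(rewrite|if|set)\s+(.*?)\s*;?\s*$')
UNNAMED_CAPTURE_RE = re.compile(r'\$\d')

def find_risky_rewrites(conf_text):
    """Return (line_no, directive) pairs for rewrite/if/set directives that use
    an unnamed capture after a '?' rewrite in the same (or an enclosing) block.
    Heuristic line scanner, not a full NGINX config parser."""
    findings = []
    stack = [None]  # per open block: line number of the latest '?' rewrite
    for n, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.split('#', 1)[0]  # drop trailing comments
        m = DIRECTIVE_RE.match(line)
        if m:
            name, args = m.groups()
            if stack[-1] is not None and UNNAMED_CAPTURE_RE.search(args):
                findings.append((n, name))
            if name == 'rewrite':
                parts = args.split()  # rewrite <regex> <replacement> [flag]
                stack[-1] = n if len(parts) > 1 and '?' in parts[1] else None
        for ch in line:  # nested blocks inherit the pending rewrite
            if ch == '{':
                stack.append(stack[-1])
            elif ch == '}' and len(stack) > 1:
                stack.pop()
    return findings

if __name__ == '__main__':
    for line_no, directive in find_risky_rewrites(SAMPLE_CONF):
        print(f'line {line_no}: "{directive}" uses an unnamed capture after a rewrite with "?" in its replacement')
```

Run it over each file that `nginx -T` includes (or pipe `nginx -T` output in) and review every hit against the vendor advisory before deciding on patch priority.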
