Microsoft published security advisories for two NGINX vulnerabilities tracked as CVE-2026-28755 and CVE-2026-27784. The flaws affect the ngx_stream_ssl_module and ngx_http_mp4_module components, respectively, and were listed in the Microsoft Security Update Guide as NGINX-related issues.
The advisories provide limited public detail, with no synopsis included in the referenced entries, but they identify separate weaknesses in two widely used NGINX modules tied to SSL/TLS stream handling and MP4 content processing. Organizations using NGINX in Microsoft-supported environments should review the corresponding CVE entries and assess exposure in deployments where either module is enabled.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
2 events from the most recent confirmed update back to the earliest known activity.
Microsoft added CVE-2026-28755 to its Security Update Guide, identifying a vulnerability affecting the NGINX ngx_stream_ssl_module. The reference indicates public disclosure of the issue through Microsoft's advisory portal.
Microsoft added CVE-2026-27784 to its Security Update Guide, identifying a vulnerability affecting the NGINX ngx_http_mp4_module. The reference indicates public disclosure of the issue through Microsoft's advisory portal.
2 references tracked. Mallory keeps watching after this page renders.
msrc.microsoft.com
Open sourcemsrc.microsoft.com
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.