German government CERT advisories report multiple vulnerabilities in NGINX and NGINX Plus that can be exploited for denial of service, with a newer notice warning that affected NGINX Open Source and NGINX Plus deployments may also face potential code execution. The advisories indicate that the issues affect both the commercial and open source product lines, expanding the risk beyond service disruption alone.
The earlier advisory described multiple flaws enabling service outages in NGINX and NGINX Plus, while the later advisory escalated the impact to include possible remote code execution in addition to denial of service. Organizations running internet-facing NGINX infrastructure should review the referenced dCERT notices, identify exposed versions across reverse proxies, load balancers, and web servers, and prioritize vendor-recommended updates or mitigations.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
2 events from the most recent confirmed update back to the earliest known activity.
dCERT published advisory 2026-1632 for NGINX Open Source and NGINX Plus describing a vulnerability that could allow denial of service and potentially code execution. The reference indicates this as a distinct later advisory affecting the same product family.
dCERT issued advisory 2024-1711 covering multiple vulnerabilities in NGINX and NGINX Plus that could allow denial of service. No further technical details are provided in the reference content.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
2 references tracked. Mallory keeps watching after this page renders.
dcert.de
Open sourcedcert.de
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.