Secure Bulletin Navigating the cyber sea with knowledge
Home > Tag > MCPwn
#MCPwn

Critical CVE-2026-33032 (MCPwn): Actively Exploited nginx-ui Flaw Enables Full Web Server Takeover in Two HTTP Requests

21 April 2026  |  dark6  |  Vulnerability

CVE-2026-33032 (MCPwn) is a CVSS 9.8 authentication bypass in nginx-ui being actively exploited in the wild. Attackers can seize full control of Nginx web servers in two HTTP...

>> read more