CVE-2026-8711: NGINX JavaScript vulnerability
NGINX JavaScript has a vulnerability when the js_fetch_proxy directive is configured with at least one client-controlled NGINX variable (for example, $http_*, $arg_*, $cookie_*) and a location invokes the ngx.fetch() operation from NGINX JavaScript. An unauthenticated attacker can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process, leading to a restart. Additionally, attackers can execute code on systems with Address Space Layout Randomization (ASLR) disabled or when the attacker can bypass ASLR.
Note: Software versions that have reached End of Technical Support (EoTS) are not evaluated.
Frequently Asked Questions
What is the severity of CVE-2026-8711?
CVE-2026-8711 is categorized as a high severity vulnerability due to its potential for exploitation by unauthenticated users.
How do I fix CVE-2026-8711?
To mitigate CVE-2026-8711, ensure that the js_fetch_proxy directive is not configured with client-controlled NGINX variables.
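One way to check a configuration for the condition described above (an added example, not code from the advisory or from NGINX): the script flags js_fetch_proxy directives whose value uses a client-controlled variable, either directly or through a `set` assignment. The variable names in CLIENT_NAMES, the function names and the sample configuration are assumptions made for this example; values produced by `map` or `js_set` are not traced.

```python
import re

CLIENT_PREFIXES = ("http_", "arg_", "cookie_")  # named in the advisory
CLIENT_NAMES = {"args", "query_string", "request_uri", "uri"}  # added assumption
VAR_RE = re.compile(r"\$(\w+)")

def statements(conf):
    """Yield (line_number, words) for each directive in an NGINX config."""
    text = re.sub(r"#[^\n]*", "", conf)          # naive: ignores quoting
    text = re.sub(r"\$\{(\w+)\}", r"$\1", text)  # ${name} -> $name
    for m in re.finditer(r"([^;{}]+)[;{]", text):
        body = m.group(1)
        if body.strip():
            start = m.start(1) + len(body) - len(body.lstrip())
            yield text.count("\n", 0, start) + 1, body.split()

def is_client(name, tainted):
    return name.startswith(CLIENT_PREFIXES) or name in CLIENT_NAMES or name in tainted

def audit_js_fetch_proxy(conf):
    """Return (line, directive, variables) for each risky js_fetch_proxy."""
    stmts = list(statements(conf))
    tainted, changed = set(), True
    while changed:  # follow `set $x <value>;` to a fixed point
        changed = False
        for _, w in stmts:
            if w[0] == "set" and len(w) >= 3 and w[1][1:] not in tainted:
                if any(is_client(v, tainted) for v in VAR_RE.findall(" ".join(w[2:]))):
                    tainted.add(w[1][1:])
                    changed = True
    findings = []
    for line, w in stmts:
        hits = [v for v in VAR_RE.findall(" ".join(w[1:])) if is_client(v, tainted)]
        if w[0] == "js_fetch_proxy" and hits:
            findings.append((line, " ".join(w), hits))
    return findings

# Constructed sample configuration, not taken from the advisory.
SAMPLE = """\
server {
    set $upstream_proxy $arg_proxy;
    location /a { js_fetch_proxy http://$http_x_proxy:3128; }
    location /b { js_fetch_proxy $upstream_proxy; }
    location /c { js_fetch_proxy http://proxy.example.internal:3128; }
}
"""

if __name__ == "__main__":
    for line, directive, variables in audit_js_fetch_proxy(SAMPLE):
        print(f"line {line}: {directive}  <- {variables}")
```

Run it against the fully expanded configuration (for example the output of `nginx -T`) so that included files are covered.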
What software is affected by CVE-2026-8711?
CVE-2026-8711 affects NGINX JavaScript when improperly configured.
Can CVE-2026-8711 be exploited remotely?
Yes, CVE-2026-8711 can be exploited remotely by an unauthenticated attacker.
What impact does CVE-2026-8711 have on my system?
Exploitation of CVE-2026-8711 may allow an attacker to perform unauthorized operations through the js_fetch_proxy directive.