Exploit for CVE-2026-9256_E7E6D46B-83A3-5E62-937F-13084516E2F5

9.2 / 10

CRITICAL

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/SC:N/VI:H/SI:N/VA:H/SA:N

Description

It should be noted that the /api route used by default in the PoC is not a fixed path required to trigger the vulnerability, but rather an example path used in the current reproduction environment. During actual testing, the request path should be...

Visit Original Source

Basic Information

ID E7E6D46B-83A3-5E62-937F-13084516E2F5

Published May 28, 2026 at 08:22

Modified May 28, 2026 at 08:24

{
    "lastseen": "2026-05-28T08:30:34",
    "description": "It should be noted that the /api route used by default in the PoC is not a fixed path required to trigger the vulnerability, but rather an example path used in the current reproduction environment. During actual testing, the request path should be...",
    "published": "2026-05-28T08:22:32",
    "modified": "2026-05-28T08:24:20",
    "type": "githubexploit",
    "title": "Exploit for CVE-2026-9256",
    "source": "",
    "references": "",
    "id": "E7E6D46B-83A3-5E62-937F-13084516E2F5",
    "bulletinFamily": "exploit",
    "cwe": null,
    "cvelist": [
        "CVE-2026-9256"
    ],
    "sourceData": "",
    "sourceHref": "",
    "cvss": {
        "score": 9.2,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/SC:N/VI:H/SI:N/VA:H/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "https://github.com/W5M1n9/NGINX-ngx_http_rewrite_module-heap-buffer-overflow-CVE-2026-9256",
    "category_name": "Exploit",
    "post_link": "",
    "product": "",
    "version": "",
    "vendor": "",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

💭 Join the Security Discussion ❌ Cancel Reply