NGINX ngx_http_charset_module vulnerability_CVE-2026-48142

4.8 / 10

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

Description

NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_charset_module module. When content is served or proxied through a location block with both source_charset utf-8; and a charset directive (for example, charset koi8-r;) configured, remote, unauthenticated attackers can send requests (in conjunction with conditions beyond their control) to cause a heap buffer over-read in the NGINX worker process, leading to limited disclosure of memory or a restart.

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Basic Information

ID CVE-2026-48142

Source f5

Published Jun 17, 2026 at 14:04

Affected Product

Vendor F5

Product NGINX Open Source

Version 1.13.10

Affected Versions F5 NGINX Open Source 1.13.10
F5 NGINX Open Source 1.30.0
F5 NGINX Plus 37.0
F5 NGINX Plus R36

CWE Classification

CWE-125

References

my.f5.com /manage/s/article/K000161585

{
    "lastseen": "",
    "description": "NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_charset_module\u00a0module. When content is served or proxied through a location block with both source_charset\u00a0utf-8; and a charset\u00a0directive (for example, charset koi8-r;) configured, remote, unauthenticated attackers can send requests (in conjunction with conditions beyond their control) to cause a heap buffer over-read in the NGINX worker process, leading to limited disclosure of memory or a restart. \n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",
    "published": "2026-06-17T14:04:32.856Z",
    "modified": "2026-06-17T14:04:32.856Z",
    "type": "cve",
    "title": "NGINX ngx_http_charset_module vulnerability",
    "source": "f5",
    "references": "https://my.f5.com/manage/s/article/K000161585",
    "id": "CVE-2026-48142",
    "bulletinFamily": "",
    "cwe": [
        "CWE-125"
    ],
    "cvelist": null,
    "sourceData": "F5 NGINX Open Source 1.13.10\nF5 NGINX Open Source 1.30.0\nF5 NGINX Plus 37.0\nF5 NGINX Plus R36",
    "sourceHref": "",
    "cvss": {
        "score": 4.8,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "NGINX Open Source",
    "version": "1.13.10",
    "vendor": "F5",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}