Overview Recently, NSFOCUS CERT detected that Nginx and F5 issued security bulletins to fix the Nginx remote code execution vulnerability (CVE-2026-42945); because the ngx_http_rewrite_module module contains question marks in processing (? ) has a defect in the calculation logic when replacing strings with rewrite. Under certain configuration conditions, an unauthenticated...
Category: Blog
Linux Kernel Fragnesia Privilege Escalation Vulnerability (CVE-2026-46300) Notice
Overview Recently, NSFOCUS CERT detected that the Linux kernel Fragnesia privilege escalation vulnerability (CVE-2026-46300) was disclosed online. Fragnesia is a new variant of Dirty Frag; Due to the logical defects in the processing of shared page fragments by the ESP-in-TCP subsystem during the skb merge process, a local attacker with...
NSFOCUS Included in the Gartner® Magic Quadrant™ for Cyberthreat Intelligence Technologies
SANTA CLARA, Calif., May 13, 2026 – On May 4, 2026, Gartner® published the Gartner® Magic Quadrant™ for Cyberthreat Intelligence Technologies report (hereinafter referred to as "the Report"). NSFOCUS was included in the Visionaries quadrant. We believe, this recognition reflects the international acknowledgment of the company's deep technical expertise, comprehensive product...
Now Released: NSFOCUS 2025 Global DDoS Landscape Report
In 2025, fueled by AI and LLMs, DDoS attacks are shifting from volume-based tactics to intelligent, high-precision warfare. This evolution, marked by increased stealth and a bifurcated ecosystem of veteran and AI-driven actors, is deconstructed in NSFOCUS 2025 Global DDoS Landscape Report. Key Opinions 1. AI-driven DDoS platforms entered active...
Linux Kernel Privilege Escalation Vulnerability (Dirty Frag) Alert
Overview Recently, NSFOCUS CERT has detected a Linux kernel privilege escalation vulnerability (Dirty Frag) disclosed online. Attackers use the logical defects of splice system calls in conjunction with xfrm-ESP or RxRPC protocol stacks to tamper with the page cache of any read-only file without race conditions to obtain system root...
WAF Defense in Crisis? NSFOCUS Locks Down “Ghost Bits” Attacks in Advance
Incident Review In April 2026, Black Hat Asia 2026 disclosed a systematic security threat named Ghost Bits, targeting underlying encoding flaws in the Java ecosystem that can render mainstream WAF/IDS defenses completely ineffective. The core of this risk lies in inconsistent encoding interpretations of the same input between the security...
