Overview Recently, NSFOCUS CERT detected that Nginx and F5 issued security bulletins to fix the Nginx remote code execution vulnerability (CVE-2026-42945); because the ngx_http_rewrite_module module contains question marks in processing (? ) has a defect in the calculation logic when replacing strings with rewrite. Under certain configuration conditions, an unauthenticated...
Category: Emergency Response
Linux Kernel Fragnesia Privilege Escalation Vulnerability (CVE-2026-46300) Notice
Overview Recently, NSFOCUS CERT detected that the Linux kernel Fragnesia privilege escalation vulnerability (CVE-2026-46300) was disclosed online. Fragnesia is a new variant of Dirty Frag; Due to the logical defects in the processing of shared page fragments by the ESP-in-TCP subsystem during the skb merge process, a local attacker with...
Linux Kernel Privilege Escalation Vulnerability (Dirty Frag) Alert
Overview Recently, NSFOCUS CERT has detected a Linux kernel privilege escalation vulnerability (Dirty Frag) disclosed online. Attackers use the logical defects of splice system calls in conjunction with xfrm-ESP or RxRPC protocol stacks to tamper with the page cache of any read-only file without race conditions to obtain system root...
WAF Defense in Crisis? NSFOCUS Locks Down “Ghost Bits” Attacks in Advance
Incident Review In April 2026, Black Hat Asia 2026 disclosed a systematic security threat named Ghost Bits, targeting underlying encoding flaws in the Java ecosystem that can render mainstream WAF/IDS defenses completely ineffective. The core of this risk lies in inconsistent encoding interpretations of the same input between the security...
Xinference PyPI Supply Chain Poisoning Warning
Overview Recently, NSFOCUS CERT detected that Xinference had suffered supply chain poisoning in its PyPI warehouse. The attacker stole the PyPI release permission credentials of Xinference maintainers and released three consecutive malicious versions implanted with Trojans on April 22, GMT+8. When triggered by the user, it will collect cloud credentials,...
Microsoft’s April Security Update of High-Risk Vulnerability Notice for Multiple Products
Overview On April 15, NSFOCUS CERT detected that Microsoft released the April Security Update patch, fixing 165 security issues involving Windows, Microsoft Office, Microsoft SQL Server, Microsoft Visual Studio, Microsoft .NET Framework, Widely used products such as Azure, including high-risk vulnerability types such as privilege escalation and remote code execution....
