A critical heap buffer overflow just hit every standard NGINX build. And it's been sitting there since 2008.Active exploitation is confirmed in the wild. The public PoC came out on disclosure day.So we stepped in and just added detection for CVE-2026-42945 to our penetration testing module. You can access it <a target="" rel="noopener noreferrer nofollow" class="link" href="https://hub.oneclickcomply.com/pentesting">here</a><img data-width="100%" data-align="center" alt="" data-featurebase-content-key="69a17016464687dac3284bf8/changelog/6a0ec8330582802683e3a6a4/019e49bf-2fca-7fd3-9f64-8f3219ff00eb/b64u-aW1hZ2UucG5n.png" src="https://69a17016464687dac3284bf8.featurebase-attachments.com/c/changelog/6a0ec8330582802683e3a6a4/019e49bf-2fca-7fd3-9f64-8f3219ff00eb/b64u-aW1hZ2UucG5n.png?X-Amz-Expires=3600&amp;X-Amz-Date=20260526T180000Z&amp;X-Amz-Algorithm=AWS4-HMAC-SHA256&amp;X-Amz-Credential=DO801TYC4FCVNNEKURKM%2F20260526%2Ffra1%2Fs3%2Faws4_request&amp;X-Amz-SignedHeaders=host&amp;X-Amz-Signature=4d0b32ec26875b50c6901a258faec3604322e320682ea6a80a98daf95fde3ed5" data-featurebase-content-filename="image.png">Don’t have access to penetration testing? Drop us a message and one of our team will be happy to take you through how it can benefit and protect your business.

Detect the critical NGINX Rift (CVE-2026-42945)

Help Center

Improved

Fixed

oneclickcomply

Requests to exclude people, paths and locations for a specified time period / forever.

In Review

Planned

In Progress

Completed

Rejected

With user

High Priority

Low Priority

Backlog

Next up

Done

Main Roadmap

{{admin.name}}OneClickComplyE: <a target="_blank" rel="noopener noreferrer nofollow" class="link" href="mailto:support@oneclickcomply.com">support@oneclickcomply.com</a> (working hours)We’re here for you 24ˣ7 on +44 20 4586 9634

We’re here for you 24ˣ7 on +44 20 4586 9634

Hey {name|there}! 👋