Alerts This Week
Warning Icon 1 1,308
Alerts This Week
Warning Icon 1 1,308

Oracle Linux nginx Critical Arbitrary Code Exec DoS ELSA-2026-19372

oracle
Calendar Grey June 26, 2026
Oracle Linux Logo Esm H88
Oracle Linux Security Advisory ELSA-2026-19372 details critical nginx updates to address security risks in the system.
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Summary

[1.26.3-9.0.1] - Require oracle-indexhtml [2:1.26.3-9] - Resolves: RHEL-176218 - nginx:1.26/nginx: NGINX: Arbitrary Code Execution Vulnerability (CVE-2026-42945) [2:1.26.3-8] - CVE-2026-32647 nginx:1.26/nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files [2:1.26.3-7] - CVE-2026-27651 nginx:1.26/nginx: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled [2:1.26.3-6] - CVE-2026-27784 nginx:1.26/nginx: NGINX: Denial of Service due to memory corruption via crafted MP4 file [2:1.26.3-5] - CVE-2026-27654 nginx:1.26/nginx: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module [2:1.26.3-4] - CVE-2026-1642 nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections [2:1.26.3-3] - Resolves: RHEL-144454 - Clarify binding behavior of -t option [2:1.26.3-2] - Add tmpfiles.d rules for /var directories (bootc compatibility) [2:1.26.3-1] - New versi...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory critical arbitrary code execution nginx deny service Oracle

SRPMs

http://oss.oracle.com/ol9/SRPMS-updates/nginx-1.26.3-9.0.1.module+el9.8.0+90902+e2e6d896.src.rpm

x86_64

nginx-1.26.3-9.0.1.module+el9.8.0+90902+e2e6d896.x86_64.rpm nginx-all-modules-1.26.3-9.0.1.module+el9.8.0+90902+e2e6d896.noarch.rpm nginx-core-1.26.3-9.0.1.module+el9.8.0+90902+e2e6d896.x86_64.rpm nginx-filesystem-1.26.3-9.0.1.module+el9.8.0+90902+e2e6d896.noarch.rpm nginx-mod-devel-1.26.3-9.0.1.module+el9.8.0+90902+e2e6d896.x86_64.rpm nginx-mod-http-image-filter-1.26.3-9.0.1.module+el9.8.0+90902+e2e6d896.x86_64.rpm nginx-mod-http-perl-1.26.3-9.0.1.module+el9.8.0+90902+e2e6d896.x86_64.rpm nginx-mod-http-xslt-filter-1.26.3-9.0.1.module+el9.8.0+90902+e2e6d896.x86_64.rpm nginx-mod-mail-1.26.3-9.0.1.module+el9.8.0+90902+e2e6d896.x86_64.rpm nginx-mod-stream-1.26.3-9.0.1.module+el9.8.0+90902+e2e6d896.x86_64.rpm

aarch64

nginx-1.26.3-9.0.1.module+el9.8.0+90902+e2e6d896.aarch64.rpm nginx-all-modules-1.26.3-9.0.1.module+el9.8.0+90902+e2e6d896.noarch.rpm nginx-core-1.26.3-9.0.1.module+el9.8.0+90902+e2e6d896.aarch64.rpm nginx-filesystem-1.26.3-9.0.1.module+el9.8.0+90902+e2e6d896.noarch.rpm nginx-mod-devel-1.26.3-9.0.1.module+el9.8.0+90902+e2e6d896.aarch64.rpm nginx-mod-http-image-filter-1.26.3-9.0.1.module+el9.8.0+90902+e2e6d896.aarch64.rpm nginx-mod-http-perl-1.26.3-9.0.1.module+el9.8.0+90902+e2e6d896.aarch64.rpm nginx-mod-http-xslt-filter-1.26.3-9.0.1.module+el9.8.0+90902+e2e6d896.aarch64.rpm nginx-mod-mail-1.26.3-9.0.1.module+el9.8.0+90902+e2e6d896.aarch64.rpm nginx-mod-stream-1.26.3-9.0.1.module+el9.8.0+90902+e2e6d896.aarch64.rpm

Severity
critical
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2026-42945

Topics%20covered

Topics Covered

security advisory critical arbitrary code execution nginx deny service Oracle

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here