A newly disclosed vulnerability in Nginx UI, tracked as CVE-2026-27944, has raised major security concerns after researchers confirmed that attackers can download and decrypt server backups without authentication. The flaw, which carries a CVSS score of 9.8, represents a critical security risk for organizations that expose their Nginx UI management interface to the public internet.
First seen on thecyberexpress.com
Jump to article: thecyberexpress.com/cve-2026-27944-nginx-ui-backup-vulnerability/
