惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
The Exploit Database - CXSecurity.com
F
Fortinet All Blogs
U
Unit 42
F
Full Disclosure
雷峰网
雷峰网
博客园 - 司徒正美
云风的 BLOG
云风的 BLOG
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
T
Tailwind CSS Blog
The Cloudflare Blog
Last Week in AI
Last Week in AI
罗磊的独立博客
D
DataBreaches.Net
C
Check Point Blog
www.infosecurity-magazine.com
www.infosecurity-magazine.com
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
O
OpenAI News
C
CXSECURITY Database RSS Feed - CXSecurity.com
aimingoo的专栏
aimingoo的专栏
S
Security @ Cisco Blogs
大猫的无限游戏
大猫的无限游戏
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
S
SegmentFault 最新的问题
NISL@THU
NISL@THU
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
The Hacker News
The Hacker News
Webroot Blog
Webroot Blog
Security Latest
Security Latest
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Google DeepMind News
Google DeepMind News
酷 壳 – CoolShell
酷 壳 – CoolShell
N
News | PayPal Newsroom
P
Proofpoint News Feed
B
Blog RSS Feed
MongoDB | Blog
MongoDB | Blog
C
Cybersecurity and Infrastructure Security Agency CISA
N
News and Events Feed by Topic
Google Online Security Blog
Google Online Security Blog
H
Help Net Security
Spread Privacy
Spread Privacy
T
Threat Research - Cisco Blogs
GbyAI
GbyAI
I
Intezer
Application and Cybersecurity Blog
Application and Cybersecurity Blog
M
MIT News - Artificial intelligence
Vercel News
Vercel News
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
IT之家
IT之家
MyScale Blog
MyScale Blog
腾讯CDC

Blog | Orca Security

Langflow RCE Actively Exploited to Deploy Cryptominers on AI Infrastructure Orca MCP: When Text Stops Scaling Kubernetes Compliance Tools: Automating CIS Benchmarks Risk-Based Vulnerability Management for the Cloud: A 2026 Guide Private Cloud Security: Top Risks and Best Practices (2026) What Is Generative AI in Cybersecurity? Best Vulnerability Management Tools and Software in 2026 2026 State of Application Security Report Recap: What the Data Says and What Security Teams Should Do About It AI Security for Sensitive Data: Best Practices and Guidelines Best AI Code Security Solutions 2026: How to Secure AI-Generated Code From Platform to Program: How to Ensure Your Cloud Security Solution Delivers Best AI Cybersecurity Providers 2026: A Buyer's Guide to AI-Powered Security Platforms Join Orca Security at Black Hat USA 2026 CNAPP Tools That Reduce Security Tool Sprawl: CNAPP vs. Dedicated Solutions What Is Container Runtime Security? A Practical Guide 2026 What Is Application Security Testing? Tools and Types What Is Managed Cloud Security? A Practical Guide What Is SaaS Security Posture Management? SSPM Guide Top 10 Cloud Security Standards for Compliance What is the MIT License? Compliance and Comparisons AI Agents vs. Agentless Security vs. Agent-based Security 144 Mastra npm Packages Compromised via Supply Chain Attack The Complete Guide to LLM Security: Risks, Best Practices, and Solutions Cloud Security LIVE 2026: Top 10 Takeaways Practitioners Can Use Now Cloud Security LIVE 2026: Top 10 Takeaways CISOs Can Use Now (and What to Do Next) What to Look for in Container Security Tools Cloud Application Security Best Practices for DevSecOps Cloud Security Tools: 10 Types Explained for Teams What Is NIST CSF? Framework 2.0 Explained 7 Open Source Incident Response Tools by Category Critical Langflow Path Traversal Flaw Exploited for Unauthenticated RCE Critical PhpSpreadsheet RCE Patch Bypass Puts Millions at Risk Critical Splunk Enterprise Vulnerabilities Allow Unauthenticated File Operations and Remote Code Execution 16 Best Open Source Application Security Tools 2026 What Is Containerization? Security and Best Practices 8 Container Security Best Practices for 2026 Close the Cloud Identity Gap with Orca and AWS IAM Access Analyzer The 5-Step Context-Aware Cloud Vulnerability Prioritization Framework Critical Jupyter Enterprise Gateway Vulnerabilities Enable Full Kubernetes Cluster Takeover AI Security Best Practices for Regulated Industries Massive PyPI Supply Chain Attack Harvests Cloud Credentials via Python Startup Hooks SAST vs SCA: Key Differences for AppSec Teams What Is Cloud Security Architecture? Principles, Layers, and Frameworks What Is ASPM? A Guide to Application Security Posture Management What Is SaaS Security? A Practical Guide 2026 What Is a Man-in-the-Middle Attack? A Cloud Security Guide What Is Open Policy Agent? Best Practices and Use Cases 11 Best Open-Source DevSecOps Tools for 2026 How to Secure AI Workloads in Multi-Cloud Environments: A Complete Framework Critical WordPress Plugin Vulnerability Allows Unauthenticated Admin Takeover on 150K Sites What Is Kubernetes as a Service? KaaS Explained Critical Netlogon RCE Flaw Actively Exploited Against Windows Domain Controllers Your FedRAMP Continuous Monitoring Strategy Has a Gap. We Built Something to Fix It. How to Simplify Multi-Cloud Compliance Reporting: The 2026 Checklist Red Hat npm Packages Compromised in Supply-Chain Attack Spreading Credential-Stealing Worm Critical RCE in LiquidJS Lets Attackers Execute Arbitrary Commands on Unpatched Hosts Securing Shadow AI: How to Detect Unapproved LLMs in Your Cloud Data Security Posture Management (DSPM) for AI Gitea Container Registry Exposes Private Images to Unauthenticated Attackers Critical Unauthenticated RCE in Kopia Backup via SSH ProxyCommand Injection Best Palo Alto Networks Cortex (Prisma Cloud) Alternatives in 2026 7 Enterprise AI Security Risks to Manage Critical Pre-Auth RCE in ChromaDB Threatens AI Infrastructure Critical Coder Signature Bypass Exposes Developer Keys and Tokens New “PoolSlip” NGINX Exploit Revives Unpatched Remote Code Execution Risk Critical Drupal SQL Injection Exposes PostgreSQL-Backed Sites to Remote Code Execution AI Security Tools: How to Evaluate Them Across Every ML Attack Phase Massive npm Supply Chain Attack Compromises AntV Ecosystem, Steals CI/CD Secrets at Scale NIST AI Risk Management Framework (AI RMF) Explained: What It Is and How Organizations Use It The AI Data You Forgot to Lock: How Exposed Vector Databases Put Organizations at Risk GenAI Risks in Cloud Environments: What Security Teams Are Actually Missing in 2026 What Is Multi-Cloud Security? What Is Cloud Detection and Response (CDR)? Linux kernel vulnerability enables local theft of SSH host keys and /etc/shadow 18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated DoS and Potential RCE Announcing Cloud Security Agent Skills for Orca’s MCP Server TanStack and 160+ npm/PyPI Packages Compromised in Supply Chain Worm Attack Dirty Frag: Linux Kernel Vulnerability Chain Enables Local Privilege Escalation to Root Critical Apache HTTP Server HTTP/2 Vulnerability Could Enable Remote Code Execution Skill Issues: How We Discovered Supply Chain Attack Vectors in an AI Agent Skills Marketplace What Is an Incident Response Plan? What Is Cloud Data Security? Risks, Challenges, and 12 Best Practices Remote Code Execution in GitHub Enterprise Server via Git Push Injection (CVE-2026-3854) Linux Kernel Bug (Copy.Fail) Enables Local Privilege Escalation to Root (CVE-2026-31431) Xinference PyPI package compromise leads to full environment takeover What is Application Security? When AI Accelerates the Offense, Coverage Gaps Become Catastrophic Orca Security Recognized in the 2026 TAG Enterprise AI Security Handbook Navigating Cloud Security in 2026: Join Cloud Security LIVE Anthropic’s Project Glasswing Is a Positive Step Toward Cleaner, Safer Production Kyverno SSRF: Breaking Kubernetes Namespace Isolation (CVE-2026-4789) Streamline Compliance Reporting with Orca and Drata’s Integrated Vulnerability Management CVE-2026-23226: How a Missing Lock in ksmbd’s Channel List Exposes Your Linux SMB3 Server 2026 State of AppSec: When Development Velocity Outpaces Security AI Is Entering Your Infrastructure. Now what? Orca Security Featured in SACR’s 2026 Unified Agentic Defense Platforms Report Supply Chain Attack on Axios Delivers Cross-Platform RAT via Compromised npm Account Credential‑Stealing Malware in LiteLLM Supply Chain Attack Mission Accomplished: Orchestrate Your Remediation Strategy With Orca Missions The Orca Approach to Runtime AI Security
How Orca Traced an nginx Flaw to 1.45 Million Tengine Servers All Running Vulnerable Code
Daniel Ufliand · 2026-06-16 · via Blog | Orca Security

TL;DR

When a critical nginx vulnerability hits the headlines, security teams patch nginx. But what if the same vulnerable code is running somewhere they’re not looking?

While the rest of the industry was busy patching nginx, Orca’s Threat Research Team was asking a different question and the answer led us straight to Tengine

Tengine, Alibaba’s nginx fork, is deployed on 1.45 million internet-facing servers worldwide and carries the exact same vulnerable code behind CVE-2026-42945 and CVE-2026-9256. These CVEs are two heap buffer overflows that let an unauthenticated attacker crash a Tengine worker process with a single crafted HTTP request. 

These vulnerabilities were untouched, unpatched, and almost completely unmonitored for nearly two decades. We’re talking CDN edges, reverse proxies, and the Aliyun and Taobao infrastructure that fronts an enormous chunk of the internet. So we did the work to confirm it: compiled Tengine from source, built working exploits for both CVEs, and watched worker processes crash on demand with full ASAN stack traces. When Orca began this research, no patch, no commit, and no acknowledgement of these vulnerabilities from Tengine’s maintainers existed. 

As of June 10, 2026, both CVEs have been fixed in the main branch, with a patched release (Tengine 3.2.0) targeted for June 30, 2026. Recommended mitigation steps are included at the end of this blog.

Background

The two CVEs we started with are both heap buffer overflows in nginx’s rewrite engine, same source file (ngx_http_script.c), same function family, two different bugs.

CVE-2026-42945 (“NGINX Rift”) 

  • CVSS (v4): 9.2
  • A stale is_args flag leaks between chained rewrite rules, causing the length-calculation pass and the write pass to disagree about buffer size. Fixed in nginx 1.30.1 / 1.31.0 on May 13, 2026.

CVE-2026-9256 (“nginx-poolslip”) 

  • CVSS (v4): 9.2
  • Overlapping PCRE captures cause URI-escape overhead to be counted once during sizing but written twice. Fixed in nginx 1.30.2 / 1.31.1 on May 22, 2026 and upgrading to 1.30.1 to patch the first CVE leaves you exposed to the second.

Eighteen years in the wild. Both unauthenticated. Both triggered by a single crafted HTTP request. F5 patched nginx and the industry moved on.

But these bugs don’t belong to nginx. They belong to a file. Any project that carries ngx_http_script.c carries the vulnerability. So we started asking: who else ships this code?

The Vulnerable Code

We pulled Tengine 3.1.0 from source. It’s based on nginx 1.24.0 – well behind the patched versions and carrying both bugs untouched in two functions in ngx_http_script.c: ngx_http_script_regex_start_code() (CVE-2026-9256) and ngx_http_script_regex_end_code() (CVE-2026-42945).

CVE-2026-9256: Double-Counting with Overlapping Captures

The size-calculation pass in ngx_http_script_regex_start_code() accounts for URI-escape overhead exactly once – across the entire URI:

if (code->uri) {
    if (r->ncaptures && (r->quoted_uri || r->plus_in_uri)) {
        e->buf.len += 2 * ngx_escape_uri(NULL, r->uri.data, r->uri.len,
                                         NGX_ESCAPE_ARGS);
    }
}
for (n = 2; n < r->ncaptures; n += 2) {
    e->buf.len += r->captures[n + 1] - r->captures[n];  // raw size, no escaping
}

But the write pass (ngx_http_script_copy_capture_code) escapes each capture independently. With overlapping captures like ((.+)), $1 and $2 point to the same bytes – so the write pass escapes them twice, while the buffer was only sized for once. A URI with 900 + characters (each + expands to 3-byte %2B) blows past the allocation:

PhaseSize
Allocated (length pass)4,304 bytes
Written (write pass)~6,104 bytes
Overflow~1,800 bytes

CVE-2026-42945: Stale is_args Flag

In ngx_http_script_regex_end_code, the e->is_args flag never reset between chained rewrite rules:

// Tengine 3.1.0 — missing: e->is_args = 0;
e->quote = 0;

When the first rewrite rule’s replacement string contains a ? (setting is_args = 1), the flag carries over into the next rule. The length engine runs with a fresh le.is_args = 0, but the write engine uses the stale e->is_args = 1 – so the write phase escapes characters the length phase didn’t account for, and the buffer overflows. In our test, a chained-rewrite request carrying 3,200 ‘A’ characters followed by 900 ‘+’ characters drove the write past the 4,124-byte buffer (ASAN trace below).

Proof: ASAN-Confirmed Crashes

Source inheritance isn’t proof. To confirm both bugs were actually exploitable in Tengine 3.1.0 not just present in the code we built a controlled test environment and ran the attacks end-to-end. Tengine 3.1.0 compiled from source with AddressSanitizer (-fsanitize=address) in a Docker container. Three test cases: one control to prove the bug doesn’t fire on benign input, two exploits for the two CVEs.

Test Configuration

server {
    listen 8081;

    # SAFE: single capture (control test)
    location /safe/ {
        rewrite ^/safe/(.+)$ /out/$1 redirect;
    }

    # CVE-2026-9256: overlapping captures
    location /vuln/ {
        rewrite ^/vuln/((.+))$ /out/$1/$2 redirect;
    }

    # CVE-2026-42945: is_args carry-over
    location /rift/ {
        rewrite ^/rift/(.+)$  /step2/$1?injected;
        rewrite ^/step2/(.+)$ /out/$host/$1;
        return 404;
    }
}

Results

Control (/safe/, single capture, 900 + chars):

  • The worker survived. No ASAN output, clean 302 redirect. This is the important negative result  it proves the bug isn’t a generic regex-rewrite issue. It requires the specific overlapping-captures or chained-rewrite pattern.

CVE-2026-9256 (/vuln/, overlapping captures, 900 + chars):

  • Worker crashed. PID changed from 7 to 47 (master respawned a fresh worker).
  • ASAN output:
==7==ERROR: AddressSanitizer: heap-buffer-overflow on address 0xffff9ba205d0
WRITE of size 1 at 0xffff9ba205d0 thread T0
    #0 ngx_escape_uri              src/core/ngx_string.c:1689
    #1 ngx_http_script_copy_capture_code  src/http/ngx_http_script.c:1399
    #2 ngx_http_rewrite_handler    src/http/modules/ngx_http_rewrite_module.c:180

0xffff9ba205d0 is located 0 bytes to the right of 4304-byte region

CVE-2026-42945 (/rift/, chained rewrites, 3200 A + 900 + chars):

  • Worker crashed. PID changed from 47 to 102.
  • ASAN output:
==47==ERROR: AddressSanitizer: heap-buffer-overflow on address 0xffff9ba1c91c
WRITE of size 1 at 0xffff9ba1c91c thread T0
    #0 ngx_escape_uri              src/core/ngx_string.c:1689
    #1 ngx_http_script_copy_capture_code  src/http/ngx_http_script.c:1399
    #2 ngx_http_rewrite_handler    src/http/modules/ngx_http_rewrite_module.c:180

0xffff9ba1c91c is located 0 bytes to the right of 4124-byte region

Same crash site, two different triggers. Both stack traces land in ngx_http_script_copy_capture_code, not the functions named above – exactly as expected: regex_start_code/_end_code compute the under-sized buffer, while the out-of-bounds write happens later, when copy_capture_code escapes the captures into it. Both bugs confirmed exploitable in Tengine with a single unauthenticated HTTP request.

Internet Exposure: 1.45 Million Servers

Using Shodan, we queried for internet-facing Tengine servers. The results:

Total internet-facing Tengine servers: 1,453,152

A large number of the Tengine servers are in China, where it is deeply embedded in Alibaba Cloud deployments, Taobao, Tmall, and Aliyun managed services. Many operate as CDN edge nodes or reverse proxies, where a single worker crash cascades to hundreds of downstream services.

Tengine – the Alibaba-maintained, high-scale-proven fork – is now the liability. Operators chose it for its pedigree, and that same pedigree went 2.5 years without a single release. Today, every available version of Tengine is vulnerable.

Impact

Denial of Service

An unauthenticated attacker can crash a Tengine worker process with a single HTTP request containing + characters in the URL path. No login, no special headers, no cookies – just a crafted URL.

  • In single-worker or master_process off deployments: one request takes the server offline completely.
  • In multi-worker deployments: sending the payload in a loop kills workers faster than the master process can respawn them, resulting in sustained denial of service.

Beyond DoS: Potential for Code Execution

Both bugs are heap buffer overflows – rarely “just” a crash. The upstream CVE-2026-42945 advisory notes that where ASLR is disabled or bypassed, the corruption may be steerable toward code execution.

Preconditions

Exploitation requires:

  • CVE-2026-9256: The rewrite directive uses a regex pattern with distinct, overlapping PCRE captures (e.g., ^/((.*))$) and a replacement string that references multiple such captures (e.g., $1$2) in a redirect or arguments context.
  • CVE-2026-42945: The rewrite directive is followed by a rewrite, if, or set directive and an unnamed PCRE capture ($1, $2) with a replacement string that includes a question mark (?).

These are standard, documented nginx patterns. They appear in production configurations and nothing about them signals danger to an operator.

Recommendations and Mitigations

At the time of writing, the vulnerabilities discussed in this blog have been patched in Tengine’s GitHub repository but have not yet been included in an official release. We recommend that organizations running Tengine assess their exposure and consider the following steps: 

  • If you are building Tengine from source, update to the latest commit on the master branch which includes the fixes. 
  • If you are running a released version, consider applying the relevant patches manually or switching to an upstream Nginx build until a new Tengine release is available. 

Tengine’s last release (3.1.0) was released on October 27, 2023. During the course of our investigation, individual commits addressing both CVEs appeared on Tengine’s GitHub master branch, followed by a public discussion announcing a planned 3.2.0 release targeting June 30, 2026, which will upgrade the nginx core from 1.24.0 to 1.31.x and backport the security fixes. But until that release ships, the official Tengine website, every package manager, and every tagged release still serves the vulnerable 3.1.0. Anyone who downloads and builds Tengine today gets both CVEs out of the box. No patched version has ever been released, so every Tengine server in the world is running the unpatched binary and any using the affected rewrite patterns is exploitable with a single unauthenticated request.

Looking Beyond the Obvious

This research started with a question nobody else was asking. When CVE-2026-42945 and CVE-2026-9256 hit, the industry did the obvious thing: patch nginx, move on. Our Threat Research Team didn’t stop at the headline. We asked the quieter, harder question – who else is running this exact code, and isn’t being told to patch? That single question led us from a patched upstream project to 1.45 million exposed servers running a fork nobody was watching.

That’s the discipline behind everything we do: we don’t just track CVEs, we track code. A vulnerability doesn’t live in a product name – it lives in a file, and that file travels into forks, vendored copies, and abandoned projects long after the original is fixed. Looking beyond the obvious target is how blind spots like Tengine get found before an attacker finds them first. The next inherited flaw is already out there, sitting in code that ships under a different name. We’ll keep looking where others stop.

How Can Orca Help?

Orca enables customers to quickly identify every Tengine instance across their cloud environments, understand exposure in context—including internet accessibility, runtime reachability, and asset criticality—and prioritize remediation based on real risk. Orca’s platform builds a full software inventory from runtime block storage, detecting Tengine builds that carry the vulnerable code even when traditional scanners overlook them. Security teams can use Orca to pinpoint which CDN edges, reverse proxies, and production deployments run Tengine, then focus remediation on the most critical, internet-facing assets first. 

Orca Security platform vulnerability window showing details for the nginx-poolslip vulnerability (CVE-2026-9256) affecting NGINX rewrite modules with an 8.1 CVSS score.
Orca detecting CVE-2026-9256 in Tengine, Alibaba’s for of NGINX
Orca Security platform vulnerability window showing details for CVE-2026-42945 affecting NGINX rewrite modules with an 8.1 CVSS score.
Orca detecting CVE-2026-42945 in Tengine

The Tengine story is not unique. Across cloud environments, organizations unknowingly run software forks, outdated dependencies, and abandoned projects that carry inherited vulnerabilities with no patches in sight. Orca’s full-stack approach ensures that these hidden risks don’t stay hidden – and that your team is never the last to know.