{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-44015","assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","state":"PUBLISHED","assignerShortName":"GitHub_M","dateReserved":"2026-05-04T21:24:36.506Z","datePublished":"2026-05-12T20:49:16.240Z","dateUpdated":"2026-05-12T20:49:16.240Z"},"containers":{"cna":{"title":"Nginx UI: Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware Allows Access to Internal Services","problemTypes":[{"descriptions":[{"cweId":"CWE-918","lang":"en","description":"CWE-918: Server-Side Request Forgery (SSRF)","type":"CWE"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":8.5,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"LOW","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N","version":"3.1"}}],"references":[{"name":"https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-wr32-99hh-6f35","tags":["x_refsource_CONFIRM"],"url":"https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-wr32-99hh-6f35"}],"affected":[{"vendor":"0xJacky","product":"nginx-ui","versions":[{"version":"<= 2.3.4","status":"affected"}]}],"providerMetadata":{"orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M","dateUpdated":"2026-05-12T20:49:16.240Z"},"descriptions":[{"lang":"en","value":"Nginx UI is a web user interface for the Nginx web server. In 2.3.4 and earlier, an authenticated user can perform Server-Side Request Forgery (SSRF) by creating a cluster node pointing to an arbitrary internal URL and then sending API requests with the X-Node-ID header. The Proxy middleware forwards these requests to the attacker-specified internal address, bypassing network segmentation and enabling access to services bound to localhost or internal networks."}],"source":{"advisory":"GHSA-wr32-99hh-6f35","discovery":"UNKNOWN"}}}}