vulnerability • critical • Authentication Bypass • Remote Code Execution • CVE-2026-33032

Apr 15, 2026 • The Hacker News

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover


Source: The Hacker News
Category: vulnerability
Severity: critical

Executive Summary

A critical authentication bypass vulnerability (CVE-2026-33032, CVSS 9.8) in nginx-ui, an open-source Nginx management tool, is being actively exploited in the wild. The flaw, codenamed 'MCPwn' by Pluto Security, allows threat actors to bypass authentication and seize full control of Nginx servers. Organizations using nginx-ui should update immediately to the latest patched version. The critical severity and widespread availability of the tool make this a high-priority remediation. No specific threat actor groups or malware families have been attributed to the exploitation campaign at this time.

Summary

A recently disclosed critical security flaw impacting nginx-ui, an open-source, web-based Nginx management tool, has come under active exploitation in the wild. The vulnerability in question is CVE-2026-33032 (CVSS score: 9.8), an authentication bypass vulnerability that enables threat actors to seize control of the Nginx service. It has been codenamed MCPwn by Pluto Security.

Linked Entities

  • CVE-2026-33032