cybercrime.clubhttps://cybercrime.club/tags/nginx-ui/Infrastructure security news for people who build infrastructure.Hugo -- gohugo.ioen-usSun, 05 Apr 2026 10:12:21 -0400CVE-2026-33032: Nginx UI MCP Endpoint Lets Anyone Hijack Your Web Server — No Auth Requiredhttps://cybercrime.club/posts/nginx-ui-cve-2026-33032-unauthenticated-mcp-takeover/Sun, 05 Apr 2026 10:12:21 -0400https://cybercrime.club/posts/nginx-ui-cve-2026-33032-unauthenticated-mcp-takeover/Critical 9.8 CVSS flaw in Nginx UI exposes unauthenticated MCP endpoint. Public PoC available, no patch yet. Disable or firewall Nginx UI immediately.vulnerabilities