CVE-2026-27654
Awaiting Analysis Awaiting Analysis - Queue
Buffer Overflow in NGINX ngx_http_dav_module Causes Process Crash

Publication date: 2026-03-24

Last updated on: 2026-03-26

Assigner: F5 Networks

Description
NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names outside the document root. This issue affects NGINX Open Source and NGINX Plus when the configuration file uses DAV module MOVE or COPY methods, prefix location (nonregular expression location configuration), and alias directives. The integrity impact is constrained because the NGINX worker process user has low privileges and does not have access to the entire system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-24
Last Modified
2026-03-26
Generated
2026-05-06
AI Q&A
2026-03-24
EPSS Evaluated
2026-05-05
NVD
CVE-2026-27654
EUVD
EUVD-2026-14881
Affected Vendors & Products
Showing 19 associated CPEs
Vendor Product Version / Range
f5 nginx_plus r32
f5 nginx_plus r32
f5 nginx_plus r33
f5 nginx_plus r33
f5 nginx_plus r34
f5 nginx_plus r32
f5 nginx_plus r33
f5 nginx_plus r34
f5 nginx_plus r36
f5 nginx_plus r33
f5 nginx_plus r34
f5 nginx_plus r35
f5 nginx_plus r36
f5 nginx_plus r36
f5 nginx_plus r32
f5 nginx_plus r35
f5 nginx_open_source From 0.5.13 (inc) to 0.9.7 (inc)
f5 nginx_open_source From 1.29.0 (inc) to 1.29.7 (exc)
f5 nginx_open_source From 1.0.0 (inc) to 1.28.3 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-122 A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?

I don't know


Can you explain this vulnerability to me?

This vulnerability exists in the ngx_http_dav_module module of NGINX Open Source and NGINX Plus. It allows an attacker to trigger a buffer overflow in the NGINX worker process. This can cause the worker process to terminate unexpectedly or allow modification of source or destination file names outside the document root.

The vulnerability occurs when the configuration file uses the DAV module's MOVE or COPY methods, prefix location (nonregular expression location configuration), and alias directives.

The impact on integrity is limited because the NGINX worker process runs with low privileges and does not have access to the entire system.


How can this vulnerability impact me? :

This vulnerability can lead to the termination of the NGINX worker process, which may cause service disruption or downtime.

Additionally, it may allow an attacker to modify file names outside the document root, potentially leading to unauthorized changes to files managed by the server.

However, the overall impact on system integrity is constrained due to the low privileges of the NGINX worker process.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

I don't know


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart