CVE-2026-28753
Awaiting Analysis Awaiting Analysis - Queue
CRLF Injection in NGINX ngx_mail_smtp_module Enables Request Manipulation

Publication date: 2026-03-24

Last updated on: 2026-03-26

Assigner: F5 Networks

Description
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_mail_smtp_module module due to the improper handling of CRLF sequences in DNS responses. This allows an attacker-controlled DNS server to inject arbitrary headers into SMTP upstream requests, leading to potential request manipulation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-24
Last Modified
2026-03-26
Generated
2026-05-07
AI Q&A
2026-03-24
EPSS Evaluated
2026-05-05
NVD
CVE-2026-28753
EUVD
EUVD-2026-14885
Affected Vendors & Products
Showing 19 associated CPEs
Vendor Product Version / Range
f5 nginx_plus r32
f5 nginx_plus r32
f5 nginx_plus r33
f5 nginx_plus r33
f5 nginx_plus r34
f5 nginx_plus r32
f5 nginx_plus r33
f5 nginx_plus r34
f5 nginx_plus r36
f5 nginx_plus r33
f5 nginx_plus r34
f5 nginx_plus r35
f5 nginx_plus r36
f5 nginx_plus r36
f5 nginx_plus r32
f5 nginx_plus r35
f5 nginx_open_source From 1.29.0 (inc) to 1.29.7 (exc)
f5 nginx_open_source From 0.6.27 (inc) to 0.9.7 (inc)
f5 nginx_open_source From 1.0.0 (inc) to 1.28.3 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-93 The product uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the ngx_mail_smtp_module of NGINX Plus and NGINX Open Source. It is caused by improper handling of CRLF (Carriage Return Line Feed) sequences in DNS responses. An attacker who controls a DNS server can exploit this flaw to inject arbitrary headers into SMTP upstream requests, which can manipulate the requests being sent.


How can this vulnerability impact me? :

The vulnerability allows an attacker to manipulate SMTP upstream requests by injecting arbitrary headers. This could lead to unauthorized modification of email communications or disruption of mail services. However, the CVSS scores indicate a low to medium severity impact, with no confidentiality or availability impact but a low integrity impact.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

I don't know


What immediate steps should I take to mitigate this vulnerability?

I don't know


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart