CVE-2026-33032

CRITICAL

Nginx UI is a web user interface for the Nginx web server. In versions 2.3.5 and prior, the nginx-ui MCP (Model Context Protocol) integration exposes two HTTP endpoints: /mcp and /mcp_message. While /mcp requires both IP whitelisting and authentication (AuthRequired() middleware), the /mcp_message endpoint only applies IP whitelisting - and the default IP whitelist is empty, which the middleware treats as "allow all". This means any network attacker can invoke all MCP tools without authentication, including restarting nginx, creating/modifying/deleting nginx configuration files, and triggering automatic config reloads - achieving complete nginx service takeover. At time of publication, there are no publicly available patches.

CVSS v3.1 Score

9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Complexity
LOW
Privileges
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH
Published: 3/30/2026Modified: 4/16/2026

Related Intelligence (5)

CRITICALAi

CVE-2026-33032: Nginx UI Missing MCP Authentication

Overview On March 30, 2026, a security advisory was published for a critical vulnerability affecting Nginx UI . Nginx UI is an open-source web interface to centralize the management of Nginx configurations and SSL certificates. The critical vulnerability, CVE-2026-33032 , was reported in early March by Pluto Security researcher Yotam Perkal and subsequently patched on March 15, 2026. That same day

CVE-2026-33032
Rapid7
CRITICALVulnerability

Critical nginx UI tool vulnerability opens web servers to full compromise

Security vendor Pluto Security has published details of a critical vulnerability in the open-source nginx UI web server configuration tool that has been under active exploitation by cybercriminals since March. News of the flaw, identified as CVE-2026-33032 , first appeared on the National Vulnerability Database (NVD) on March 30, the same day that threat intelligence companies VulnCheck and Record

CVE-2026-33032CVE-2025-55182
CSO Online
CRITICALVulnerability

Exploited Vulnerability Exposes Nginx Servers to Hacking

Hackers are exploiting CVE-2026-33032, a critical remote takeover vulnerability in the Nginx UI management tool. The post Exploited Vulnerability Exposes Nginx Servers to Hacking appeared first on SecurityWeek .

CVE-2026-33032
SecurityWeek
CRITICALAi

Critical Nginx-ui MCP Flaw Actively Exploited in the Wild

Critical nginx-ui MCP authentication bypass CVE-2026-33032 actively exploited with CVSS 9.8

CVE-2026-33032
Infosecurity Magazine
CRITICALVulnerability

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

A recently disclosed critical security flaw impacting nginx-ui, an open-source, web-based Nginx management tool, has come under active exploitation in the wild. The vulnerability in question is CVE-2026-33032 (CVSS score: 9.8), an authentication bypass vulnerability that enables threat actors to seize control of the Nginx service. It has been codenamed MCPwn by Pluto Security. "

CVE-2026-33032
The Hacker News (Blog)

References (3)

https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-h6c2-x2m2-mwhfExploitMitigationhttps://websec.net/blog/cve-2026-33032-unauthenticated-nginx-ui-mcp-takeover-69e1200f9fceb1f3fbe9c47fhttps://github.com/0xJacky/nginx-ui/security/advisories/GHSA-h6c2-x2m2-mwhfExploitMitigation