Back to Changelog

vnginx-1.28.3

Security Fix Security Release Released April 2, 2026

Nginx 1.28.3 - Critical security update fixing multiple CVEs

Security Fixes

4

Fixed CVE-2026-27654: Buffer overflow vulnerability in the dav module
Fixed CVE-2026-27784 and CVE-2026-32647: Vulnerabilities in the mp4 module
Fixed CVE-2026-27651 and CVE-2026-28753: Mail session authentication vulnerabilities
Fixed CVE-2026-28755: OCSP stapling bypass vulnerability

Recent Releases

All Releases

See the Demo