Blog Security Research CVE-2026-42945: Mitigating a Critical Heap Buffer Overflow Vulnerability in NGINX Akamai SIG is a global team of world-class researchers, engineers, strategists, and data scientists with a broad range of expertise and security disciplines. Our data sources include the enormous Akamai Cloud, open sources, collaboration with third parties, and dark web intelligence. We have also developed our own algorithms and tools that help us deliver our research and keep Akamai security solutions up to date. Executive summary In May 2026, details emerged regarding a critical vulnerability that is impacting NGINX web servers. The vulnerability, which the security community has dubbed “NGINX Rift,” is officially tracked as CVE-2026-42945 . The vulnerability stems from a heap buffer overflow that allows an unauthenticated attacker to cause denial of service (DoS) or, potentially, achieve remote code execution (RCE) .…