What is the CVSS score of CVE-2026-27944?

CVE-2026-27944 has a CVSS 3.1 base score of 9.8 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 1.0%.

Which versions of TLS are affected by CVE-2026-27944?

Nginx UI versions 2.3.3 and earlier contain a critical authentication bypass vulnerability (CVE-2026-27944) that allows unauthenticated attackers to access and manipulate critical functions.. A patch is available.

Is there a public PoC exploit available for CVE-2026-27944?

Yes, a public proof-of-concept exploit is available for CVE-2026-27944. Prioritise patching immediately. EPSS: 1.0%.

How to fix or mitigate CVE-2026-27944?

Within 24 hours: Identify all systems running Nginx UI versions up to 2.3.3 and isolate them from untrusted networks; disable Nginx UI administrative interfaces if not actively required. Within 7 days: Implement network-level access controls restricting UI access to authorized administrators only; deploy WAF rules blocking exploitation patterns if available from the vendor. Within 30 days: Upgrade to a patched version when released by the vendor, or replace Nginx UI with an alternative solution if no patch timeline is provided.

TLS CVE-2026-27944

CRITICAL

Missing Authentication for Critical Function (CWE-306)

2026-03-05 security-advisories@github.com

GHSA-g9w5-qffc-6762

Nginx TLS Nginx Ui Suse

9.8

CVSS 3.1 · GitHub Advisory

Severity by source

GitHub Advisory PRIMARY

9.8 CRITICAL

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SUSE

CRITICAL

qualitative

Primary rating from GitHub Advisory.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Patch released

Mar 31, 2026 - 21:13 nvd

Patch available

Analysis Generated

Mar 12, 2026 - 22:06 vuln.today

PoC Detected

Mar 10, 2026 - 18:11 vuln.today

Public exploit code

CVE Published

Mar 05, 2026 - 19:16 nvd

CRITICAL 9.8

DescriptionGitHub Advisory

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.3, the /api/backup endpoint is accessible without authentication and discloses the encryption keys required to decrypt the backup in the X-Backup-Security response header. This allows an unauthenticated attacker to download a full system backup containing sensitive data (user credentials, session tokens, SSL private keys, Nginx configurations) and decrypt it immediately. This issue has been patched in version 2.3.3.

Articles & Coverage 1

POC CVE-2026-27944: Nginx UI Unauthenticated Backup Download & Admin Account Creation Mar 14, 2026

AnalysisAI

Unauthenticated backup download and RCE in Nginx UI before 2.3.3. EPSS 1.0%. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Send unauthenticated HTTP GET request to /api/backup

Exploit

Receive encrypted backup file and decryption key in X-Backup-Security header

Execution

Decrypt backup locally

Impact

Extract sensitive credentials and SSL keys

Access

Send unauthenticated HTTP GET request to /api/backup

Exploit

Receive encrypted backup file and decryption key in X-Backup-Security header

Execution

Decrypt backup locally

Impact

Extract sensitive credentials and SSL keys

Vulnerability AssessmentAI

Exploitation	Nginx UI version prior to 2.3.3 with /api/backup endpoint enabled. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	CVSS 9.8, EPSS 1.0%. Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	Download backups containing credentials, or exploit for RCE.
Remediation	Update to 2.3.3. Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all systems running Nginx UI versions up to 2.3.3 and isolate them from untrusted networks; disable Nginx UI administrative interfaces if not actively required. …

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Critical

CVE-2026-27944 vulnerability details – vuln.today

Back

TLS CVE-2026-27944

Severity by source

CVSS VectorGitHub Advisory

Lifecycle Timeline

DescriptionGitHub Advisory

Articles & Coverage 1

AnalysisAI

Unlock full vulnerability intelligence

Attack ChainAIDerived

Vulnerability AssessmentAI

Recommended ActionAI

Vendor StatusVendor

SUSE

Share

External POC / Exploit Code