Nginx
by F5
Take action — actively targeted
Nginx is actively targeted by attackers. A significant proportion of its known vulnerabilities are being exploited.
What to do
- Apply all available updates immediately
- Review your exposure — is this internet-facing?
- Monitor vendor advisories for this product
What Attackers Target
Vulnerabilities with high exploit probability
47.6%
Confirmed actively exploited (CISA)
4.8%
Public exploit code available
0.0%
Based on 21 known vulnerabilities. Percentages show the proportion that are actively dangerous — a low percentage means most vulnerabilities in this product are not being exploited.
Most Dangerous Vulnerabilities
| CVE | CVSS | Exploit Probability | Confirmed |
|---|---|---|---|
| CVE-2023-44487 | 7.5 | 94.4% | Yes |
| CVE-2017-7529 | 7.5 | 92.9% | — |
| CVE-2016-0742 | 7.5 | 80.4% | — |
| CVE-2021-23017 | 7.7 | 73.5% | — |
| CVE-2019-20372 | 5.3 | 69.7% | — |
| CVE-2018-16843 | 7.5 | 55.5% | — |
| CVE-2016-0747 | 5.3 | 33.2% | — |
| CVE-2016-0746 | 9.8 | 14.0% | — |
| CVE-2019-9511 | 7.5 | 13.9% | — |
| CVE-2018-16844 | 7.5 | 10.9% | — |
| CVE-2016-1247 | 7.8 | 9.8% | — |
| CVE-2019-9513 | 7.5 | 6.7% | — |
| CVE-2018-16845 | 6.1 | 6.3% | — |
| CVE-2016-4450 | 7.5 | 4.0% | — |
| CVE-2025-23419 | 4.3 | 3.8% | — |
| CVE-2017-20005 | 9.8 | 3.2% | — |
| CVE-2019-9516 | 6.5 | 2.2% | — |
| CVE-2022-41741 | 7.0 | 0.9% | — |
| CVE-2021-3618 | 7.4 | 0.6% | — |
| CVE-2011-4968 | 4.8 | 0.4% | — |
51
/ 100
high-risk
Active Threat
50/50 · Critical
Exploit Availability
1/50 · Minimal
Score uses Wilson score intervals to account for sample size. Products with few CVEs are scored conservatively.