CVE • Published 2026-03-05 • 2 articles on news • 7 live references • NVD data
CVE-2026-27944
Vulnerability data via CVEDB (Shodan)
CVSS v3.1: 9.8 (CRITICAL)
EPSS percentile: 97 (Exploit Prediction Scoring System · top 3% of all CVEs)
Description
Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.3, the /api/backup endpoint is accessible without authentication and discloses the encryption keys required to decrypt the backup in the X-Backup-Security response header. This allows an unauthenticated attacker to download a full system backup containing sensitive data (user credentials, session tokens, SSL private keys, Nginx configurations) and decrypt it immediately. This issue has been patched in version 2.3.3.
Timeline
Published 2026-03-05
External references
Search for exposed instances
Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).
Shodan · vuln tag · 0 hosts
vuln:CVE-2026-27944
Hosts Shodan has explicitly fingerprinted as vulnerable.
Shodan · product + version
product:"Nginxui Nginx Ui" version:"1.2.0"
Version-pinned fingerprint from NVD's first vulnerable CPE.
Shodan · banner/body mention
http.html:"Nginx Ui"
HTTP body or banner mentions "Nginx Ui" — catches deploys Shodan didn't identify as a product.
More intel sources (5)
Shodan report
vuln:CVE-2026-27944
Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2026-27944
Censys host search filtered to this CVE id.
grep.app
CVE-2026-27944
Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2026-27944
GitHub code search for direct mentions.
Google dork
"CVE-2026-27944" exploit -site:nvd.nist.gov
Write-ups and news, NVD excluded.
Known PoCs on GitHub (8)
CVE-2026-27944 · 8 repos
Threekiii/Awesome-POC · Java
A knowledge base for vulnerability PoCs (Proof of Concept), with 1k+ vulnerabilities.
Threekiii/CVE · unknown
A CVE vulnerability alert knowledge base, with no exploits/PoCs; some entries include remediation guidance.
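xiguayiqiu/GYscan · unknown
GYscan is a modern, comprehensive penetration testing tool developed in Go, designed for security researchers, penetration testers and red team members. The project uses a modular architecture with C2 server and client components, supports Windows and Linux, and provides system security analysis and vulnerability scanning.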
wgpsec/tchkiller · Python
An intelligent penetration testing agent based on claude-agent-sdk, built to take part in the 2nd TCH Intelligent Penetration Challenge.
DarkFunct/TK-CVE-Repo · Python
TK-CVE-Repo
webpro255/awesome-ai-agent-attacks · unknown
A curated timeline of real AI agent security incidents, breaches, and vulnerabilities (2024-2026). Every entry sourced and dated.
mooyoul/awesome-stars · unknown
A curated list of my GitHub stars
J1ezds/Vulnerability-Wiki-page · HTML
A project that syncs the content of docs-base in Vulnerability-Wiki every day.