SecurityWeek reports that a critical Nginx UI vulnerability, CVE-2026-33032, has been exploited in the wild, allowing unauthenticated attackers to take full control of Nginx servers. The flaw, tied to Nginx UI’s MCP AI integration, was patched recently in version 2.3.4. Pluto Security researchers discovered and disclosed the issue in March, finding more than 2,600 internet-exposed instances.
The article notes that an unauthenticated attacker can use specially crafted requests to take over Nginx servers, and that technical details and PoC code have been made public. Recorded Future recently said CVE-2026-33032 was one of 31 high-impact vulnerabilities observed being exploited in March 2026, though the exact nature of the attacks remains unclear. The piece quotes Yotam Perkal of Pluto, who warns that AI integration endpoints expose capabilities similar to those of the core application and often bypass security controls.