{"api_version":"1","generated_at":"2026-07-17T05:39:42+00:00","cve":"CVE-2026-32647","urls":{"html":"https://cve.report/CVE-2026-32647","api":"https://cve.report/api/cve/CVE-2026-32647.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-32647","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-32647"},"summary":{"title":"NGINX ngx_http_mp4_module vulnerability","description":"NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affects NGINX Open Source and NGINX Plus if it is built with the ngx_http_mp4_module module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted MP4 file with the ngx_http_mp4_module module. \n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.","state":"PUBLISHED","assigner":"f5","published_at":"2026-03-24 15:16:34","updated_at":"2026-07-15 02:20:00"},"problem_types":["CWE-125","CWE-125 CWE-125 Out-of-bounds Read","CWE-125 Out-of-bounds Read"],"metrics":[{"version":"4.0","source":"f5sirt@f5.com","type":"Secondary","score":"8.5","severity":"HIGH","vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","data":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}},{"version":"4.0","source":"CNA","type":"CVSS","score":"8.5","severity":"HIGH","vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","data":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"LOCAL","baseScore":8.5,"baseSeverity":"HIGH","privilegesRequired":"LOW","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnerabilityResponseEffort":"NOT_DEFINED"}},{"version":"3.1","source":"ADP","type":"CVSS","score":"7.8","severity":"HIGH","vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","data":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}},{"version":"3.1","source":"f5sirt@f5.com","type":"Secondary","score":"7.8","severity":"HIGH","vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"3.1","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","score":"7.8","severity":"HIGH","vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"3.1","source":"CNA","type":"CVSS","score":"7.8","severity":"HIGH","vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","data":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:15945","name":"https://access.redhat.com/errata/RHSA-2026:15945","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:6906","name":"https://access.redhat.com/errata/RHSA-2026:6906","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32647.json","name":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32647.json","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/security/cve/CVE-2026-32647","name":"https://access.redhat.com/security/cve/CVE-2026-32647","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:15966","name":"https://access.redhat.com/errata/RHSA-2026:15966","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:8346","name":"https://access.redhat.com/errata/RHSA-2026:8346","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:7002","name":"https://access.redhat.com/errata/RHSA-2026:7002","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:6923","name":"https://access.redhat.com/errata/RHSA-2026:6923","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:15942","name":"https://access.redhat.com/errata/RHSA-2026:15942","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://my.f5.com/manage/s/article/K000160366","name":"https://my.f5.com/manage/s/article/K000160366","refsource":"f5sirt@f5.com","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:13680","name":"https://access.redhat.com/errata/RHSA-2026:13680","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2449598","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2449598","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:10065","name":"https://access.redhat.com/errata/RHSA-2026:10065","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:13634","name":"https://access.redhat.com/errata/RHSA-2026:13634","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:15943","name":"https://access.redhat.com/errata/RHSA-2026:15943","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:14836","name":"https://access.redhat.com/errata/RHSA-2026:14836","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:13839","name":"https://access.redhat.com/errata/RHSA-2026:13839","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:6907","name":"https://access.redhat.com/errata/RHSA-2026:6907","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:7343","name":"https://access.redhat.com/errata/RHSA-2026:7343","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-32647","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32647","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"F5","product":"NGINX Open Source","version":"affected 1.29.0 1.29.7 semver","platforms":[]},{"source":"CNA","vendor":"F5","product":"NGINX Open Source","version":"affected 1.1.19 1.28.3 semver","platforms":[]},{"source":"CNA","vendor":"F5","product":"NGINX Plus","version":"affected R36 R36 P3 custom","platforms":[]},{"source":"CNA","vendor":"F5","product":"NGINX Plus","version":"affected R35 R35 P2 custom","platforms":[]},{"source":"CNA","vendor":"F5","product":"NGINX Plus","version":"affected R34 * custom","platforms":[]},{"source":"CNA","vendor":"F5","product":"NGINX Plus","version":"affected R33 * custom","platforms":[]},{"source":"CNA","vendor":"F5","product":"NGINX Plus","version":"affected R32 R32 P5 custom","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","version":"unaffected 2:1.26.3-2.el10_1.1 * rpm","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Enterprise Linux 10.0 Extended Update Support","version":"unaffected 2:1.26.3-1.el10_0.8 * rpm","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","version":"unaffected 8100020260401080144.489197e6 * rpm","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","version":"unaffected 9070020260331134728.9 * rpm","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","version":"unaffected 2:1.20.1-24.el9_7.2 * rpm","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","version":"unaffected 9070020260407080353.9 * rpm","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","version":"unaffected 1:1.20.1-10.el9_0.3 * rpm","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","version":"unaffected 1:1.20.1-14.el9_2.5 * rpm","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","version":"unaffected 1:1.20.1-16.el9_4.5 * rpm","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","version":"unaffected 9040020260504195322.9 * rpm","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","version":"unaffected 2:1.20.1-22.el9_6.5 * rpm","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","version":"unaffected 9060020260504194843.9 * rpm","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","version":"unaffected 9060020260504154614.9 * rpm","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Hardened Images","version":"unaffected 1.30.0-1.hum1 * rpm","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","version":"unaffected 1776868774 * rpm","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","version":"unaffected 1776868842 * rpm","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Lightspeed proxy 1","version":"","platforms":[]}],"timeline":[{"source":"ADP","time":"2026-03-20T11:44:34.715Z","lang":"en","value":"Reported to Red Hat."},{"source":"ADP","time":"2026-03-24T18:00:00.000Z","lang":"en","value":"Made public."}],"solutions":[{"source":"ADP","title":"","value":"RHSA-2026:13634: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:6906: Red Hat Enterprise Linux AppStream (v. 10)","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:6907: Red Hat Enterprise Linux AppStream (v. 8)","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:15942: Red Hat Enterprise Linux AppStream E4S (v.9.0)","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:14836: Red Hat Enterprise Linux AppStream E4S (v.9.2)","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:13839: Red Hat CodeReady Linux Builder EUS (v.9.4), Red Hat Enterprise Linux AppStream EUS (v.9.4)","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:15943: Red Hat Enterprise Linux AppStream EUS (v.9.4)","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:15945: Red Hat Enterprise Linux AppStream EUS (v.9.6)","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:13680: Red Hat CodeReady Linux Builder EUS (v.9.6), Red Hat Enterprise Linux AppStream EUS (v.9.6)","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:15966: Red Hat Enterprise Linux AppStream EUS (v.9.6)","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:6923: Red Hat Enterprise Linux AppStream (v. 9)","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:7002: Red Hat Enterprise Linux AppStream (v. 9)","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:7343: Red Hat Enterprise Linux AppStream (v. 9)","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:8346: Red Hat Hardened Images","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:10065: Red Hat Update Infrastructure 5","time":"","lang":"en"}],"workarounds":[{"source":"ADP","title":"","value":"To mitigate this issue, disable the ngx_http_mp4_module in your NGINX configuration if MP4 file processing is not required. This can be done by commenting out or removing the mp4 directive from the NGINX configuration file. After modifying the configuration, a reload or restart of the NGINX service is required for the changes to take effect.\n\nAlternatively, restrict access to the NGINX server to trusted networks and users to prevent the upload and processing of malicious MP4 files.","time":"","lang":"en"}],"exploits":[],"credits":[{"source":"CNA","value":"F5 acknowledges Xint Code and Pavel Kohout (Aisle Research) for bringing this issue to our attention and following the highest standards of coordinated disclosure.","lang":"en"}],"nvd_cpes":[{"cve_year":"2026","cve_id":"32647","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"f5","cpe5":"nginx_open_source","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"32647","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"f5","cpe5":"nginx_plus","cpe6":"r32","cpe7":"p1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"32647","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"f5","cpe5":"nginx_plus","cpe6":"r32","cpe7":"p2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"32647","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"f5","cpe5":"nginx_plus","cpe6":"r32","cpe7":"p3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"32647","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"f5","cpe5":"nginx_plus","cpe6":"r32","cpe7":"p4","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"32647","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"f5","cpe5":"nginx_plus","cpe6":"r33","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"32647","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"f5","cpe5":"nginx_plus","cpe6":"r33","cpe7":"p1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"32647","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"f5","cpe5":"nginx_plus","cpe6":"r33","cpe7":"p2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"32647","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"f5","cpe5":"nginx_plus","cpe6":"r33","cpe7":"p3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"32647","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"f5","cpe5":"nginx_plus","cpe6":"r34","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"32647","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"f5","cpe5":"nginx_plus","cpe6":"r34","cpe7":"p1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"32647","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"f5","cpe5":"nginx_plus","cpe6":"r34","cpe7":"p2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"32647","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"f5","cpe5":"nginx_plus","cpe6":"r35","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"32647","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"f5","cpe5":"nginx_plus","cpe6":"r35","cpe7":"p1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"32647","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"f5","cpe5":"nginx_plus","cpe6":"r36","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"32647","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"f5","cpe5":"nginx_plus","cpe6":"r36","cpe7":"p1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"32647","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"f5","cpe5":"nginx_plus","cpe6":"r36","cpe7":"p2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-32647","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2026-03-24T00:00:00+00:00","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-03-25T03:55:49.464Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"},{"affected":[{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/o:redhat:enterprise_linux:10.1"],"defaultStatus":"affected","packageName":"nginx","product":"Red Hat Enterprise Linux 10","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"2:1.26.3-2.el10_1.1","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"],"defaultStatus":"affected","packageName":"nginx","product":"Red Hat Enterprise Linux 10.0 Extended Update Support","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"2:1.26.3-1.el10_0.8","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:enterprise_linux:8"],"defaultStatus":"affected","packageName":"nginx:1.24","product":"Red Hat Enterprise Linux 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"8100020260401080144.489197e6","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:enterprise_linux:9"],"defaultStatus":"affected","packageName":"nginx:1.24","product":"Red Hat Enterprise Linux 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"9070020260331134728.9","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:enterprise_linux:9"],"defaultStatus":"affected","packageName":"nginx","product":"Red Hat Enterprise Linux 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"2:1.20.1-24.el9_7.2","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:enterprise_linux:9"],"defaultStatus":"affected","packageName":"nginx:1.26","product":"Red Hat Enterprise Linux 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"9070020260407080353.9","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:rhel_e4s:9.0"],"defaultStatus":"affected","packageName":"nginx","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"1:1.20.1-10.el9_0.3","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:rhel_e4s:9.2"],"defaultStatus":"affected","packageName":"nginx","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"1:1.20.1-14.el9_2.5","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:rhel_eus:9.4"],"defaultStatus":"affected","packageName":"nginx","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"1:1.20.1-16.el9_4.5","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:rhel_eus:9.4"],"defaultStatus":"affected","packageName":"nginx:1.24","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"9040020260504195322.9","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:rhel_eus:9.6"],"defaultStatus":"affected","packageName":"nginx","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"2:1.20.1-22.el9_6.5","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:rhel_eus:9.6"],"defaultStatus":"affected","packageName":"nginx:1.24","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"9060020260504194843.9","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:rhel_eus:9.6"],"defaultStatus":"affected","packageName":"nginx:1.26","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"9060020260504154614.9","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:hummingbird:1"],"defaultStatus":"affected","packageName":"nginx-main","product":"Red Hat Hardened Images","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"1.30.0-1.hum1","versionType":"rpm"}]},{"collectionURL":"https://catalog.redhat.com/software/containers/","cpes":["cpe:/a:redhat:rhui:5::el9"],"defaultStatus":"affected","packageName":"rhui5/cds-rhel9","product":"Red Hat Update Infrastructure 5","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"1776868774","versionType":"rpm"}]},{"collectionURL":"https://catalog.redhat.com/software/containers/","cpes":["cpe:/a:redhat:rhui:5::el9"],"defaultStatus":"affected","packageName":"rhui5/rhua-rhel9","product":"Red Hat Update Infrastructure 5","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"1776868842","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:insights_proxy:1"],"defaultStatus":"affected","packageName":"insights-proxy/insights-proxy-container-rhel9","product":"Red Hat Lightspeed proxy 1","vendor":"Red Hat"}],"datePublic":"2026-03-24T18:00:00.000Z","descriptions":[{"lang":"en","value":"A flaw was found in NGINX's ngx_http_mp4_module. This Out-of-Bounds Read/Write vulnerability occurs due to improper handling of specially crafted MP4 files. A local authenticated attacker, by supplying a malicious MP4 file, can trigger a buffer over-read or overwrite in worker memory. This can lead to process termination, potentially causing a denial-of-service or, under certain conditions, achieving code execution."}],"metrics":[{"other":{"content":{"namespace":"https://access.redhat.com/security/updates/classification/","value":"Important"},"type":"Red Hat severity rating"}},{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"format":"CVSS"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-125","description":"Out-of-bounds Read","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-07-15T01:07:50.616Z","orgId":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","shortName":"redhat-SADP"},"references":[{"tags":["vdb-entry","x_refsource_REDHAT"],"url":"https://access.redhat.com/security/cve/CVE-2026-32647"},{"name":"RHBZ#2449598","tags":["issue-tracking","x_refsource_REDHAT"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2449598"},{"tags":["x_sadp-csaf-vex"],"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32647.json"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:13634"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:6906"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:6907"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:15942"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:14836"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:13839"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:15943"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:15945"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:13680"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:15966"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:6923"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:7002"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:7343"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:8346"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:10065"}],"solutions":[{"lang":"en","value":"RHSA-2026:13634: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)"},{"lang":"en","value":"RHSA-2026:6906: Red Hat Enterprise Linux AppStream (v. 10)"},{"lang":"en","value":"RHSA-2026:6907: Red Hat Enterprise Linux AppStream (v. 8)"},{"lang":"en","value":"RHSA-2026:15942: Red Hat Enterprise Linux AppStream E4S (v.9.0)"},{"lang":"en","value":"RHSA-2026:14836: Red Hat Enterprise Linux AppStream E4S (v.9.2)"},{"lang":"en","value":"RHSA-2026:13839: Red Hat CodeReady Linux Builder EUS (v.9.4), Red Hat Enterprise Linux AppStream EUS (v.9.4)"},{"lang":"en","value":"RHSA-2026:15943: Red Hat Enterprise Linux AppStream EUS (v.9.4)"},{"lang":"en","value":"RHSA-2026:15945: Red Hat Enterprise Linux AppStream EUS (v.9.6)"},{"lang":"en","value":"RHSA-2026:13680: Red Hat CodeReady Linux Builder EUS (v.9.6), Red Hat Enterprise Linux AppStream EUS (v.9.6)"},{"lang":"en","value":"RHSA-2026:15966: Red Hat Enterprise Linux AppStream EUS (v.9.6)"},{"lang":"en","value":"RHSA-2026:6923: Red Hat Enterprise Linux AppStream (v. 9)"},{"lang":"en","value":"RHSA-2026:7002: Red Hat Enterprise Linux AppStream (v. 9)"},{"lang":"en","value":"RHSA-2026:7343: Red Hat Enterprise Linux AppStream (v. 9)"},{"lang":"en","value":"RHSA-2026:8346: Red Hat Hardened Images"},{"lang":"en","value":"RHSA-2026:10065: Red Hat Update Infrastructure 5"}],"timeline":[{"lang":"en","time":"2026-03-20T11:44:34.715Z","value":"Reported to Red Hat."},{"lang":"en","time":"2026-03-24T18:00:00.000Z","value":"Made public."}],"title":"nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files","workarounds":[{"lang":"en","value":"To mitigate this issue, disable the ngx_http_mp4_module in your NGINX configuration if MP4 file processing is not required. This can be done by commenting out or removing the mp4 directive from the NGINX configuration file. After modifying the configuration, a reload or restart of the NGINX service is required for the changes to take effect.\n\nAlternatively, restrict access to the NGINX server to trusted networks and users to prevent the upload and processing of malicious MP4 files."}],"x_adpType":"supplier","x_generator":{"engine":"sadp-cli 1.0.0"}}],"cna":{"affected":[{"defaultStatus":"unknown","modules":["ngx_http_mp4_module"],"product":"NGINX Open Source","vendor":"F5","versions":[{"lessThan":"1.29.7","status":"affected","version":"1.29.0","versionType":"semver"},{"lessThan":"1.28.3","status":"affected","version":"1.1.19","versionType":"semver"}]},{"defaultStatus":"unaffected","modules":["ngx_http_mp4_module"],"product":"NGINX Plus","vendor":"F5","versions":[{"lessThan":"R36 P3","status":"affected","version":"R36","versionType":"custom"},{"lessThan":"R35 P2","status":"affected","version":"R35","versionType":"custom"},{"lessThan":"*","status":"affected","version":"R34","versionType":"custom"},{"lessThan":"*","status":"affected","version":"R33","versionType":"custom"},{"lessThan":"R32 P5","status":"affected","version":"R32","versionType":"custom"}]}],"credits":[{"lang":"en","type":"reporter","value":"F5 acknowledges Xint Code and Pavel Kohout (Aisle Research) for bringing this issue to our attention and following the highest standards of coordinated disclosure."}],"datePublic":"2026-03-24T14:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affects NGINX Open Source and NGINX Plus if it is built with the ngx_http_mp4_module module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted MP4 file with the ngx_http_mp4_module module. \n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"value":"NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affects NGINX Open Source and NGINX Plus if it is built with the ngx_http_mp4_module module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted MP4 file with the ngx_http_mp4_module module. \n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]},{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"LOCAL","baseScore":8.5,"baseSeverity":"HIGH","privilegesRequired":"LOW","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-125","description":"CWE-125 Out-of-bounds Read","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-03-24T14:40:08.455Z","orgId":"9dacffd4-cb11-413f-8451-fbbfd4ddc0ab","shortName":"f5"},"references":[{"tags":["vendor-advisory"],"url":"https://my.f5.com/manage/s/article/K000160366"}],"source":{"discovery":"EXTERNAL"},"title":"NGINX ngx_http_mp4_module vulnerability","x_generator":{"engine":"F5 SIRTBot v1.0"}}},"cveMetadata":{"assignerOrgId":"9dacffd4-cb11-413f-8451-fbbfd4ddc0ab","assignerShortName":"f5","cveId":"CVE-2026-32647","datePublished":"2026-03-24T14:13:25.724Z","dateReserved":"2026-03-18T16:06:38.427Z","dateUpdated":"2026-07-15T01:07:50.616Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-03-24 15:16:34","lastModifiedDate":"2026-07-15 02:20:00","problem_types":["CWE-125","CWE-125 CWE-125 Out-of-bounds Read","CWE-125 Out-of-bounds Read"],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-24T00:00:00+00:00","id":"CVE-2026-32647","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r32:p1:*:*:*:*:*:*","matchCriteriaId":"FA913184-EAAD-409E-99C6-AB979DAA93F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r32:p2:*:*:*:*:*:*","matchCriteriaId":"782DF180-1101-4D6A-A1D7-8DADBAF6D9D3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r32:p3:*:*:*:*:*:*","matchCriteriaId":"FB0B11F2-4748-492B-9906-F8C4C5EAFF12"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r32:p4:*:*:*:*:*:*","matchCriteriaId":"86B53968-1CCA-4CF3-8454-BB92EF64D10E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r33:*:*:*:*:*:*:*","matchCriteriaId":"4F58BD02-EA76-4F32-87D6-430026C8553E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r33:p1:*:*:*:*:*:*","matchCriteriaId":"46DC49B8-7286-4867-9CDA-1C1B469CD304"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r33:p2:*:*:*:*:*:*","matchCriteriaId":"43477C2E-7485-4146-B25C-F58D632CD85B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r33:p3:*:*:*:*:*:*","matchCriteriaId":"6A25B9CF-02C0-42DE-9C70-F2AD3ACE3CEB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r34:*:*:*:*:*:*:*","matchCriteriaId":"86358605-55F9-4F6F-846A-3F48738F6E05"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r34:p1:*:*:*:*:*:*","matchCriteriaId":"7453D683-FCA7-46EE-BE49-5FD9A01D7F87"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r34:p2:*:*:*:*:*:*","matchCriteriaId":"A977BF9F-D165-4B93-B4D2-A177883A5E75"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r35:*:*:*:*:*:*:*","matchCriteriaId":"C643CEF2-F421-4E2C-AD39-51CE820F2238"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r35:p1:*:*:*:*:*:*","matchCriteriaId":"4958360C-7993-4C82-8685-202D4940CE01"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r36:*:*:*:*:*:*:*","matchCriteriaId":"942CA349-3FF8-4B9D-B87E-FBA8930CE913"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r36:p1:*:*:*:*:*:*","matchCriteriaId":"7993A0FB-BE7E-4634-BF7F-FDEE3582D3E7"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r36:p2:*:*:*:*:*:*","matchCriteriaId":"862EA47E-8D57-434E-9C8F-238325FB85B2"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_open_source:*:*:*:*:*:*:*:*","versionStartIncluding":"1.1.19","versionEndExcluding":"1.28.3","matchCriteriaId":"510D19AC-5184-437F-B196-1454B33B6E49"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_open_source:*:*:*:*:*:*:*:*","versionStartIncluding":"1.29.0","versionEndExcluding":"1.29.7","matchCriteriaId":"C0EFE28B-E8E5-464E-B407-96436CA87C8E"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"32647","Ordinal":"1","Title":"NGINX ngx_http_mp4_module vulnerability","CVE":"CVE-2026-32647","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"32647","Ordinal":"1","NoteData":"NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affects NGINX Open Source and NGINX Plus if it is built with the ngx_http_mp4_module module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted MP4 file with the ngx_http_mp4_module module. \n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.","Type":"Description","Title":"NGINX ngx_http_mp4_module vulnerability"}]}}}