CVE-2026-8711 is a high-severity NGINX JavaScript vulnerability disclosed in May 2026 that can let an unauthenticated network attacker crash NGINX worker processes when js_fetch_proxy uses client-controlled variables and JavaScript handlers call ngx.fetch(). The headline risk is denial of...
