HPE Security Advisory
Published Date: June 9, 2026
CVE: CVE-2026-42945
Advisory Summary
❗️ Security Alert: NGINX ngxhttprewritemodule Vulnerability (CVE-2026-42945) in HPE Aruba Networking Products
HPE has released an important update regarding the critical vulnerability CVE-2026-42945 found in the NGINX ngxhttprewritemodule impacting their Aruba Networking product line. This vulnerability could potentially allow attackers to manipulate HTTP traffic rewrite rules, posing risks of unauthorized access or traffic interception.
The status document HPESBNW05064 rev.1 details which Aruba products are affected and provides guidance on mitigation steps and firmware patches available to rectify this security flaw. IT professionals managing Aruba networking equipment should prioritize reviewing this advisory, apply recommended updates promptly, and validate their network security posture to protect against any exploitation attempts.
Staying current with such vulnerability patches is crucial to maintaining the integrity and reliability of your IT infrastructure in today’s threat landscape.
🔗
Reference: Vendor Advisory