DepthFirst's AI Scanner Surfaces NGINX Rift, an 18-Year-Old Heap Overflow in the Rewrite Module That Enables Unauthenticated RCE
An LLM-powered scanner from security startup DepthFirst flagged a heap buffer overflow that had sat undetected in NGINX's rewrite module for roughly 18 years, prompting F5 to ship coordinated patches on May 13.
5 min read4 sources