{"uuid": "1d59e3fa-14da-4207-8144-9459ff2cd2bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8711", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motmhltzlc2p", "content": "\ud83d\udea8  ALERT: CVE-2026-8711\n\nCVSS 8.1/10\n\n\ud83d\udccb WHAT IT IS:\nNGINX JavaScript has a vulnerability when the js_fetch_proxy\u00a0directive is configured with at least one client-controlled NGINX variable (for example, $http_*, $arg_*, $cookie_*) and a location invoking the ngx.fetch() operation from NGINX JavaScrip", "creation_timestamp": "2026-06-22T00:20:13.237791Z"}