Nginx Proxy Manager

Source repositories

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2026-40519	NginxProxyManager Nginx Proxy Manager	Hig	0.42	7.5	—		Jun 8, 2026	Nginx Proxy Manager versions 2.9.14 through 2.15.1, fixed in commit a5db5ed, contain an authenticated remote code execution vulnerability via OS command injection in the setupCertbotPlugins() function in backend/setup.js, allowing attackers with certificates:manage permission to…

CVE-2026-40519HigJun 8, 2026
NginxProxyManager
Nginx Proxy Manager
risk 0.42cvss 7.5epss —
Nginx Proxy Manager versions 2.9.14 through 2.15.1, fixed in commit a5db5ed, contain an authenticated remote code execution vulnerability via OS command injection in the setupCertbotPlugins() function in backend/setup.js, allowing attackers with certificates:manage permission to…