EXECUTIVE SUMMARY
A high-severity vulnerability has been identified in F5 NGINX Plus and NGINX Open Source affecting the MP4 media processing module. The flaw may allow attackers to trigger memory corruption by supplying specially crafted MP4 files, potentially resulting in denial-of-service (DoS) conditions and, in certain scenarios, remote code execution (RCE).
Successful exploitation could allow attackers to disrupt services, impact availability, or potentially compromise affected servers depending on configuration and exposure. Systems that process untrusted media content or have the MP4 module enabled may face increased risk.
- CVE: CVE-2026-32647
- CVSS Score: 7.8 (High)
- Active Region: Global
- Affected Sector: Web Hosting, Media Streaming, CDN Providers, Enterprises IT
- Affected Product: F5 NGINX Plus, NGINX Open Source (MP4 module enabled instances)
- Severity: High
- Published Date: 25 March 2026
TECHNICAL DETAILS
- Vulnerability Overview: The vulnerability exists in the NGINX MP4 processing module (ngx_http_mp4_module), which improperly handles specially crafted MP4 file structures, potentially leading to memory handling issues.
- Attack Vector: Attackers may exploit this vulnerability by delivering malicious MP4 files to vulnerable servers through file upload functionality, media streaming requests, or content delivery workflows.
- Exploitation Mechanism: Specially crafted MP4 files may trigger memory corruption conditions that could result in denial-of-service (DoS) or, under……
