TECHNICAL IMPACT STATEMENT: SWP/Deep Security 20.x Agent and Multiple NGINX vulnerabilities

Product / Version includes:

Deep Security 20.0

Last updated: 2026/05/26

Solution ID: KA-0023519

Category:

Summary

This article serves as an official communication from TrendAI regarding the technical impact of the following vulnerabilities as it relates to Server and Workload Protection (SWP) and Deep Security 20.x and several NGINX vulnerabilities that could impact the current version in use by the product (1.28.1) as of May 2026.

Technical Analysis by CVE

1. CVE-2026-27654: NGINX Buffer overflow in DAV module

CVSS 3.1: 8.8 (High)
Deep Security / SWP: Based on the analysis of the vulnerability by the TrendAI development team, it has been confirmed that SWP/Deep Security is not affected or impacted by this vulnerability because although the product uses NGINX, the specific impacted module is not compiled in the product.

2. CVE-2026-27784: NGINX Buffer over-read/write via crafted MP4 file

CVSS 3.1: 8.5 (High)
Deep Security / SWP: Based on the analysis of the vulnerability by the TrendAI development team, it has been confirmed that SWP/Deep Security is not affected or impacted by this vulnerability because although the product uses NGINX, the specific impacted module is not compiled in the product.

3. CVE-2026-32647: NGINX Buffer over-read/write via crafted MP4 file

CVSS 3.1: 8.5 (High)
Deep Security / SWP: Based on the analysis of the vulnerability by the TrendAI development team, it has been confirmed that SWP/Deep Security is not affected or impacted by this vulnerability because although the product uses NGINX, the specific impacted module is not compiled in the product.

4. CVE-2026-27651: NGINX NULL pointer deference when CRAM-MD5 or APOP auth used

CVSS 3.1: 8.7 (High)
Deep Security / SWP: Based on the analysis of the vulnerability by the TrendAI development team, it has been confirmed that SWP/Deep Security is not affected or impacted by this vulnerability because although the product uses NGINX, the specific impacted module is not compiled in the product.

5. CVE-2026-28753: NGINX Attacker-controlled DNS PRT records can inject headers into auth_http requests and XCLIENT SMTP commands

CVSS 3.1: 3.7 (Low)
Deep Security / SWP: Based on the analysis of the vulnerability by the TrendAI development team, it has been confirmed that SWP/Deep Security is not affected or impacted by this vulnerability because although the product uses NGINX, the specific impacted module is not compiled in the product.

6. CVE-2026-28755: NGINX revoked clinet certificates can complete TLS handshake when OCSP check fails to block them in stream context

CVSS 3.1: 5.4 (Medium)
Deep Security / SWP: Based on the analysis of the vulnerability by the TrendAI development team, it has been confirmed that SWP/Deep Security is not affected or impacted by this vulnerability because although the product uses NGINX, the specific impacted module is not compiled in the product and does not enable ssl_ocsp.

7. CVE-2025-53859: NGINX Buffer overread in SMTP auth process leaks memory to authentication server

CVSS 3.1: 3.7 (Low)
Deep Security / SWP: Based on the analysis of the vulnerability by the TrendAI development team, it has been confirmed that SWP/Deep Security is not affected or impacted by this vulnerability because although the product uses NGINX, the specific impacted module is not compiled in the product.

Please note that although the product is not affected by these particular vulnerabilities, the NGINX components are scheduled to be updated in the June 2026 Deep Security Agent (DSA) as part of a pre-scheduled update.

Was this article helpful?

Featured

Automation Center

Education Portal

Online Help Center

Service Status

TrendConnect

TECHNICAL IMPACT STATEMENT: SWP/Deep Security 20.x Agent and Multiple NGINX vulnerabilities

Technical Analysis by CVE

TECHNICAL IMPACT STATEMENT: SWP/Deep Security 20.x Agent and Multiple NGINX vulnerabilities

Product / Version includes:

Summary

Technical Analysis by CVE