A vulnerability marked as critical has been reported in 0xJacky nginx-ui up to 2.3.4 . Impacted is an unknown function. Performing a manipulation results in server-side request forgery. This vulnerability was named CVE-2026-44015 . The attack may be initiated remotely. There is no available exploit.