A vulnerability described as problematic has been identified in F5 NGINX Plus and NGINX Open Source . Affected by this vulnerability is the function ngx_http_charset_module . Executing a manipulation can lead to out-of-bounds read. This vulnerability is registered as CVE-2026-42934 . It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is recommended.