An AI security analysis system has discovered a critical heap buffer overflow in Nginx’s rewrite module that has existed since 2008. The flaw allows unauthenticated remote code execution by exploiting a discrepancy in how URI lengths are calculated during rewrite internal processing.