CVE-2026-33032 is a critical authentication bypass in Nginx UI, a community-maintained web-based management interface for Nginx servers, actively being exploited in the wild to achieve unauthenticated full administrative control. Specific affected version ranges and official patch availability require confirmation against NVD and the official Nginx UI project advisory before scoping remediation. Note: Nginx UI is not an official Nginx Inc. or F5 product.