nginx

by freenginxv1.31.2

Last updated Jun 8, 2026

freenginx is an effort to preserve free and open development of nginx [engine x], an HTTP and reverse proxy server, a mail proxy server, and a generic TCP/UDP proxy server, originally written by Igor Sysoev.

Visit homepage

Install with winget

$ winget install --id freenginx.nginx --exact --version 1.31.2

Run in Command Prompt, PowerShell, or Windows Terminal. Prompts for any agreements.

Built by Pckgr

For Intune admins

Stop chasing app updates. Pckgr patches them for you.

Automated application patching for Microsoft Intune. Pckgr keeps a curated library of 1,000+ apps continuously up-to-date in your tenant via Microsoft Graph - no manual repackaging, no chasing vendor sites.

Start free 30-day trial

No credit card required.

Installers · v1.31.2

Architecture	Type	Scope	Install	Download
x86	ZIP archive	-		Direct

Copy a command tailored to that specific architecture, type, and scope - useful when winget would otherwise pick a different default.

Security

15 known CVEs via NVD

high7.8Patched in wingetCVE-2026-32647affects before 1.28.3, 1.29.7Mar 24, 2026
NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 fi...
Vendor advisory
medium5.4Patched in wingetCVE-2026-28755affects before 1.28.3, 1.29.7Mar 24, 2026
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_stream_ssl_module module due to the improper handling of revoked certificates when configured with the ssl_verify_client on and ssl_ocsp on directives, allowing the TLS handshake to succeed even after an OCSP check...
Vendor advisory
low3.7Patched in wingetCVE-2026-28753affects before 1.28.3, 1.29.7Mar 24, 2026
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_mail_smtp_module module due to the improper handling of CRLF sequences in DNS responses. This allows an attacker-controlled DNS server to inject arbitrary headers into SMTP upstream requests, leading to potential r...
Vendor advisory
high7.8Patched in wingetCVE-2026-27784affects before 1.28.3, 1.29.7Mar 24, 2026
The 32-bit implementation of NGINX Open Source has a vulnerability in the ngx_http_mp4_module module, which might allow an attacker to over-read or over-write NGINX worker memory resulting in its termination, using a specially crafted MP4 file. The issue only affects 32-bit NGIN...
Vendor advisory
high8.2Patched in wingetCVE-2026-27654affects before 1.28.3, 1.29.7Mar 24, 2026
NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or de...
Vendor advisory
high7.5Patched in wingetCVE-2026-27651affects before 1.28.3, 1.29.7Mar 24, 2026
When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when (1) CRAM-MD5 or APOP authentication is enabled, and (2) the authentication server permits retry by ret...
Vendor advisory
medium5.9Patched in wingetCVE-2026-1642affects before 1.28.2, 1.29.5Feb 4, 2026
A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security (TLS) servers. An attacker with a man-in-the-middle (MITM) position on the upstream server side—along with conditions beyond the attacker's control—may be able to inj...
Vendor advisory
low3.7Patched in wingetCVE-2025-53859affects before 1.29.1Aug 13, 2025
NGINX Open Source and NGINX Plus have a vulnerability in the ngx_mail_smtp_module that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication ser...
Vendor advisory

Showing 8 of 15. Source: NVD, updated 4h ago. Patch status is best-effort: NVD's fix version is compared against the latest version in winget, but the two version formats don't always align. Confirm with the vendor advisory before treating any specific build as safe.

See a CVE that affects your fleet? Push the patched version to Intune in one click with Pckgr - automated patching is the only way to keep up.

Frequently asked questions

How do I install nginx on Windows?

Open Windows Terminal, PowerShell, or Command Prompt and run: winget install --id freenginx.nginx --exact --version 1.31.2. winget downloads the installer from freenginx and runs it. Requires Windows 10 (1809+) or Windows 11.

How do I install nginx silently for unattended deployment?

Add --silent and accept the agreements upfront: winget install --id freenginx.nginx --exact 1.31.2 --silent --accept-package-agreements --accept-source-agreements. This is the variant Intune, Configuration Manager, and other deployment tools should use.

How do I uninstall nginx via winget?

Run: winget uninstall --id freenginx.nginx --exact. Add --silent for unattended uninstalls. winget will use the registered uninstaller from nginx's Apps & Features entry.

Is nginx free?

nginx is distributed under BSD-2. Refer to the publisher (https://freenginx.org/) for the full license terms - Wingetly itself does not charge for installation.

Does nginx work on Windows 10?

Yes, as long as your Windows 10 build supports winget (1809 or newer). winget ships with App Installer on Windows 10/11 and pulls nginx directly from the publisher.

How do I keep nginx up to date?

Run winget upgrade --id freenginx.nginx --exact, or winget upgrade --all to update everything winget tracks. We index 10 versions of nginx from microsoft/winget-pkgs.

Recent versions

1.31.2latest
1.31.1
1.31.0
1.29.7
1.29.6
1.29.5
1.29.3
1.29.2
1.29.1
1.29.0