MetaDefender Core

Need Help?

DocsMetaDefender CoreKnowledge BaseIs MetaDefender Core affected by NGINX CVEs?

DocsMetaDefender CoreKnowledge BaseIs MetaDefender Core affected by NGINX CVEs?

Knowledge Base

Configuration and Settings

Why are Japanese TXT files detected as "application/octet-stream" instead of "text/plain"?

How to Connect a MetaDefender Core Container to the same instance in Shared Database Mode?

Can local AVs interrupt ongoing scans?

Can I create new workflows?

How to enable crash dumps for MetaDefender Core processes?

Can I control access to the RAM disk in MetaDefender Core v5?

Can I view configuration changes on the Core side (audit)?

How can I add a mail server to the Core deployment?

How do I prevent Symantec Endpoint Protection from interfering with the optimal functioning of MetaDefender Core?

How can I find a sanitized file scanned with MetaDefender Core v5?

What is the retry mechanism for MetaDefender Core connecting to the remote Postgres Database?

How to use MetaDefender Core V5 Blocklist/Allowlist feature?

How can I configure the maximum queue size in MetaDefender Core v5 ?

How do I remove an engine from my MetaDefender instance?

How can the Temp folder be changed?

How can I increase parallel count and Max queue size?

How can I change MetaDefender Core Deep CDR's timeout settings?

My scans keep failing due to an exceeded archive file number, how do I determine the number of files in an archive and then configure my process settings accordingly?

Why are password protected archives blocked and how do I unblock them?

How to disable WEB UI file scan without user authentication?

How To Allow Only Certain Files to be Scanned with MetaDefender Core?

How to generate an API key on the Core deployment?

How to Modify the Hostname of Your MetaDefender Core Server and Potential Impact?

What are the permissions on the shared folder for the temp directory?

How to implement a numerical escape function for HTML?

How to reset password for users?

How to Block/Allow Custom Extensions using RegEx?

How to migrate MetaDefender Core from PostgreSQL local to PostgreSQL remote?

How to change Core Web Management Interface Address Port?

Does MetaDefender Core store original files?

Why Japanese characters are not recognized or displayed correctly in archives?

How to install pre-built libgdiplus on RedHat 9?

Does Deep CDR support sanitizing split archives?

How to exclude OPSWAT folder from Anti-Virus Windows Defender?

Where are MetaDefender Core Install Directories and Registry?

Under what circumstances does the scan result not show the username?

How to send MetaDefender Core logs to NAS ( Network Attached Storage ) Path?

Why is a file blocked by Deep CDR or Proactive DLP but I can still download the sanitized version?

Does Deep CDR support Adobe Illustrator (AI) files in PostScript format?

How to add the source IP in scan details?

How do I integrate Jenkins with MetaDefender Core?

Can I apply a new license key before the current one expires?

How to automate backup configuration settings for MD Core? (API)

Why I can't push configuration due to password storage?

How do I install MetaDefender Core in Rocky Linux 9

How to properly configure Syslog Server for MetaDefender Core?

Why MetaDefender Core’s nginx ssl.conf changed to ssl.mdcore.conf?

How to configure SMTP server with authentication under MetaDefender Core to send notification to M365?

How to manage Disk Space Usage in pg_data\base directory in MetaDefender Core for Windows?

What storage type should I use on MetaDefender Core in K8S?

What permissions are needed for the user of the storage of Google Cloud?

How do I setup Hot Swap Backup Configuration between MetaDefender Core instances?

Where are MetaDefender Core Install Directories and Advanced Configurations?

How to retrieve the CRL and OCSP URLs for the Server and ICA Certificates?

Is Import Password Mandatory When Using Ignition File for MetaDefender Core installation?

How does the recursion level work in MetaDefender Core?

How to Enable Debug Mode in a MetaDefender Core Kubernetes Deployment?

How to Select a Specific MetaDefender Core Instance in a PostgreSQL Database with Multiple Instances?

Can you import configuration settings from the latest version to the previous version of Core?

How to Local whitelist a file using AllowList?

What Is exiftool_win.exe and Why Is It Falsely Detected?

How to relocate installation folder in MetaDefender Core on Windows?

How to Set Up MetaDefender Core to Connect to Syslog via TLS?

How to Work with Role Restrictions in MetaDefender Core Workflows?

How Do I Setup Syslog connect to Splunk Cloud by using Universal Forwarder?

How do I customize the bundled PostgreSQL server configuration in MetaDefender Core?

How do I detect PUP/PUA as infected?

What is the difference between "Engine Current Status" and "Engine Advanced Configuration" export options?

Should I Use Subject Alternative Name (SAN) Certificates for Core and Kiosk GUIs?

How to customize Nginx logs to identify mTLS client connections?

How to configure Role Mapping per groups in SSO Integration with Entra ID

Does MetaDefender Core Detect EOS/EOL Status for Open-Source Software?

How Does MetaDefender Core Rotate PostgreSQL Logs?

Why Must Each MetaDefender Core Installation Have a Unique Instance Name?

Why is my Excel document not showing hidden sheets after Deep CDR sanitization?

How to Limit the Number of CPU Cores Used for Scanning in MetaDefender Core

What Protocols Does MetaDefender Core Use for Active Directory Integration?

Why Is the Time Range on MetaDefender Core’s Executive Report Different from the Time Range Selected Before Exporting?

How to Handle SSL/TLS Issues with OPSWAT MetaDefender Core Webhook Callback?

What are the AI-Powered Components in MetaDefender Core?

How to remediate significantly increased scanning times during peak hours due to engine updates failing?

What More to Know About Encoding Preference for Entry Name?

Is MetaDefender Core Fully SELinux Compliant?

Why Does MetaDefender Core Require Removing the SSL Private Key Passphrase for PostgreSQL?

When to set an alarm and how?

Why are batch operations slow in MetaDefender Core and how are they resolved in version 5.14.0?

Why Are Japanese Filenames Garbled When Submitting Files to MetaDefender Core via API?

Does MD Core support using a different account type for starting application services

How to export API Keys of MetaDefender Core users

Should Filetype Mismatch Be Blocked or Allowlisted?

Tracking Client Identity Information in MetaDefender Core via API

Why Does My MD Core Deployment on Kubernetes Lose Data After a Restart?

What is the pg_dump database restore file used by MetaDefender Core?

Optimizing PostgreSQL for High-Volume Deployments

How should I correctly restart the Shared Database server?

How can I identify which MetaDefender Core instance sent an alert email?

What Is the Recommended Skip Hash List Size in MetaDefender Core Without Impacting Performance?

Does MetaDefender Core support sanitizing GIT-BUNDLE files?

Can I configure multiple REST ports in MetaDefender Core?

How do I identify and renew the certificate for Active Directory integration in MetaDefender Core?

Retrieving Username Using an API Key

How to Configure MetaDefender Core Syslog to an AWS Ubuntu Instance

How do I reset all Skip by Hash Entries in MetaDefender Core?

Can I export scheduled scan reports via API calls or email?

How to integrate OpenSSL with MetaDefender Core for decrypting files

How does the MD Core Handle Archive Files?

Errors and Troubleshooting

What can I do when MetaDefender Core (Windows) has an insufficient disk space error?

Why is MetaDefender Core unable to connect to the database?

What can I do if MetaDefender shows a high number of files that failed to scan?

What should I do if an engine is in "failed" or "permanently failed" status?

What are the engine clean-up instructions?

Why is the scan stuck in "processing" state on WebScan UI, when the Core Processing History shows that it is already finished?

Why have the ESET and Kaspersky scan engines failed to initialize on the hardened Linux OS?

Why has the Symantec custom engine failed to deploy?

What are common reasons for Deep CDR scan/sanitization failures and how do I fix them?

What do the various error messages mean in MetaDefender Core RestAPI?

Why are some modules not appearing in my MetaDefender Core inventory?

Why does my MetaDefender Core install fail?

Why do you sometimes see a discrepancy between the File Type and MIME Type information?

Why files are not sanitized?

Why am I receiving a “400” error for API file submission?

How to Mitigate Scan Failures in MetaDefender Core Triggered by Real-Time Protection Systems?

How to Resolve MetaDefender Core Service Start-up Failures on IPv6-Disabled Linux Systems?

How to Understand OPSWAT's Multiscanning AV Detection Differences Compared to Other Scanners?

How to Troubleshoot Inaccessible Management Console?

How do I fix module update error “Error parsing metadescriptor, message='Could not download metadescriptor'”?

Why does ClamAV show "permanently failed" after enabling the daemon log file?

How to troubleshoot HTTPS failure on MetaDefender Core?

How to Remove Engines from MetaDefender Core using command line?

How to enable debug logging for MetaDefender Core?

Why did the deployment of the Threat Intelligence Module Fail?

Why did the deployment of the Reputation Module Fail?

Why is MetaDefender Core not starting after moving or deleting the certificates from the initial location?

Why doesn’t CDR detect the JavaScript I appended to a PDF file?

Why Deep CDR is not Sanitizing Files Inside a ZIP?

Why does the “deleteafterimport” error appear when importing an MD Core configuration from standalone mode to shared database mode?

What is the meaning of action_ran and action_failed in JSON scan result?

Why can't I sanitize HEIC files?

Why Am I Getting "No Rows to Show" When Using a Proxy Without Authentication in Browser Settings?

How Does TLS 1.0/1.1 Deprecation Affect Compatibility Across OPSWAT Products?

Why can small file changes bypass the Antivirus detection?

How do I verify if MetaDefender products are sending out syslog messages to the syslog server?

How do I fix files being blocked due to unexpected "File type mismatch" verdict?

Why are MetaDefender Core engines permanently failed?

Why Does MetaDefender Core Fail to Connect to the Database After a System Restart?

What do you do if your engine fails to update?

What is causing my Scans to be slow on MetaDefender Core?

What do I do if my modules disappear from the Core UI?

Why Is Core Receiving HTTP 403 or Timeout Errors when downloading engine updates from OCM?

What do I do when licensed engines are not detected despite active licenses?

Why do I receive errors when I upload the Config file in MetaDefender Core?

How to access MetaDefender Core when SSO fails?

Why am I seeing error message "Validation failed" after saving Sandbox module settings?

What Are the Default Credentials for MetaDefender Core on Azure Marketplace VM?

Why does the MetaDefender Core service not start?

Why does Kiosk show "Invalid Core Setup"?

Why is my file rejected even though it appears to be under the configured size limit?

How Can I Solve a Database Indexing Issue?

Why Does MetaDefender Core Show a 'Calculate hash error' When Scanning Malicious Files?

Why MD Core is Not Reachable?

Why am I getting "invalid structure" or "archive corrupted" errors when extracting archives in Core?

Why are my script files being detected as ASCII TXT?

How to Resolve SSL/TLS Errors with MetaDefender Core Webhook Callbacks?

Why does MetaDefender Core show “Blocked” with a scan result of “Not Scanned” when no malware is detected?

How do I remediate MetaDefender Core using too much resource while sanitizing TIFF/TIF image file?

Why are PDF documents being flagged as false positives by VirusBlokAda?

Why did my scanned image fail with "exceeded file size" error?

Why isn’t an attached file inside a PDF being converted to a different format during Deep CDR sanitization?

Why is MetaDefender Core Failing to Connect via Proxy?

Why is unused data removed in Deep CDR resulting in empty emails being received?

Why are MetaDefender Core and PostgreSQL services shutting down unexpectedly?

Why can’t I access the MetaDefender Core user interface after performing an upgrade?

Why is ESET detecting legitimate software as a Potentially Unsafe Application (PUA/PUP)?

Why can’t I configure the SMTP server with authentication set to “None” in MetaDefender Core 5.15.2?

Why are my Engines not initializing/updating over the Internet or OPSWAT Central Management On-Premises

Why am I getting an "Internal server error" when logging into MetaDefender Core via SAML SSO

Why is HTTPS enabled in the UI, but the MetaDefender Core URL doesn’t change to HTTPS?

Why does the MetaDefender Core Deployment ID change after rebooting a Hyper-V VM?

Why are MetaDefender Core Syslog Messages Flagged as Non-Compliant with certain syslog standards?

Why is the "The engine is not longer licensed with the current product key" message displayed for Threat Intelligence after license renewal?

Are Embedded Files Recursively Processed and Reported during CDR?

Why am I getting an error when installing MetaDefender Core on Linux in an air-gap environment?

Why are Encrypted Office Documents with the same extension categorized differently from unencrypted documents?

Why does MetaDefender Core skip quarantining files with the same hash?

How to create a sample self-signed certificate with SAN using OpenSSL

Why is MetaDefender Core Allowing Files with Sensitive Data? (Proactive DLP Threshold Settings)

What to do when my MetaDefender Core instance failing to load with error 'Extension setting up failed: extension: 'ekm', rc: '-610''?

Why am I getting "We couldn’t analyze this file because no specific configuration is applied" with an OPSWAT Predictive Alin AI license?

Why am I getting a "File not found, invalid path or access" error when using the 'filepath' header in the RestAPI on Linux?

Can MetaDefender Core process Base64 Content?

MetaDefender Core on K8s: Persisting Quarantine, DLP, and CDR Output Across Pod Restarts

Why do some multipart uploads fail with error code 500?

Features and Functionality

How to Use a RAMDISK for the tempdirectory?

Why does ClamAV seem to be slower than other engines?

What temporary folder do Custom Engines use ?

What PDF file annotations are Supported/Non-Supported by MetaDefender Core’s Deep CDR?

What does "Potentially Vulnerable File" result mean?

What CAB files are Supported/Non-Supported by MetaDefender’s Deep CDR?

What are the MetaDefender Core Security Policies and how do they work?

Is Metadefender Core compromised while scanning files?

What is the Queue Mechanism on Metadefender Core?

How does the Post Actions feature work?

How does the External Scanners feature work?

How do I generate and save a MetaDefender Core scan result summary in JSON format?

How and why are my image files altered during processing with Deep CDR and Proactive DLP?

Does MetaDefender Core v5 offer real-time antivirus protection on the system where it is installed?

Does MetaDefender Core v5 Detect the NotPetya Ransomware?

Are there any limitations to the MetaDefender Core scan engines?

Can MetaDefender Core block renamed files (such as renamed .exe files)?

How can I export the processing history from the Core console?

How to Utilize YARA Rules with MetaDefender Core?

What is the Design of MetaDefender Core and Its Protective Measures?

What does the items sanitized/removed count in Deep CDR sanitization report mean?

Why image sanitization doesn't report any object in details?

What are the requirements to process XDW/XBD/XCT files with CDR?

How do we utilize API uploads so the correct file type and sanitization occurs every time?

What are the differences between AVs in OPSWAT and the other services?

Does OPSWAT Use Security Checks on Our Code, Libraries, Credentials, etc?

How to access and analyze detailed scan results for an infected file?

Why MetaDefender Core blocks Sandbox Verdicts that are not marked to be blocked?

How to scan multiple files at once with MetaDefender Core

Is MetaDefender Core able to extract, detect and block malicious embedded macros?

Does OPSWAT provide a file dataset that can be used to evaluate MetaDefender Core's capabilities?

How would discontinuing Threat Intelligence affect customers?

How to add custom detection for a file type?

What can I do if MetaDefender Core shows a high number of files that failed to scan?

Why did the required password pop up when scanning an unencrypted file?

How to Test the Syslog Server functionality from MetaDefender Core?

When and how to use “PDF to Image Configuration” Deep CDR feature?

How do I send specific log entries to syslog integration?

How do I send the MetaDefender Core logs in Windows event log?

Does installing an antivirus impact a containerized deployment?

Why does the DeepCDR engine delete the content of the HTML file?

What is the Document Encryption Timeout setting and how does it work?

How do I manually clean up the MD Core engine's local folder?

How can I handle a high CPU load on my Core server

Does MetaDefender Core generate a file download link after all scan sessions?

Can Workflow Settings Be Updated Globally Across Multiple Workflows?

Does MetaDefender Core support Elliptic Curve (EC) Private Key and Certificate for enabling HTTPS?

How to manage false positives in MetaDefender Core?

How to handle split archive files?

How to check the Nginx version used in MetaDefender Core?

What are the List of folders that should be removed after MetaDefender Core uninstallation on Windows?

How to Sanitize Non-Compliant MDZIP Files?

How do I receive MD Core scan results using a static callback URL without specifying the URL in request headers?

What is the difference between the Archive Extraction Engine V.S. Metascan Antivirus engines extraction?

Why does MetaDefender Core Identifys Only the First Part of a Split Archive as an Archive File?

Where can I find sample logs for quarantine errors?

Can Syslog Reliably Detect MetaDefender Core Process Crashes?

Can MetaDefender Core Scan Embedded Payloads or Inline File Content?

How can I export complete archive scan results from MetaDefender Core using the REST API (session_id + extraction APIs)?

Can MetaDefender Core Process Microsoft Purview Information Protection Encrypted Files?

Why does MetaDefender Core not quarantine the same malicious file twice?

When Is the “Database Maintenance Required” Notification Triggered, and How Does the ometascan-vacuum-db Tool Improve Performance?

How to Allow Encrypted Archives in MetaDefender Core?

What are the pros and cons of using MetaDefender Core's archive extraction engine vs. AV engine archive handling?

Will adding a new Ethernet Interface to the MetaDefender Core machine impact its functionality?

Does MetaDefender Core support HTTP2 Protocol?

How to track Settings changes in MetaDefender Core

How Does OPSWAT Determine Which Files Are Acceptable for Content Disarm and Reconstruction (CDR)

Does MetaDefender Core support scanning of .parquet.gpg files?

Using the metadata Header to Track API File Submissions in MetaDefender Core

Feedback and Support

How do I obtain a Trial License for MetaDefender Core?

How long is the support lifecycle for a specific version of MetaDefender Core?

How do I get a False Detection (False Positive or False Negative) corrected?

What is Included in the MetaDefender Core Support Package?

Licensing, Setup and Deployment

What dependencies does MetaDefender’s Deep CDR for Linux have?

What links, target-services or target host-IPs need to be allowed for Metadefender Core to function accurately?

How do I set up exclusions on my anti-malware software to prevent disruption of the MetaDefender Core scanning process, when my corporate policy does not allow it?

How do I deploy MetaDefender Core to an offline Windows environment?

How do I deploy MetaDefender Core to an offline Linux environment?

Does the Deployment ID change at any time?

How do I activate my offline deployment of MetaDefender Core?

How do I activate/deactivate a MetaDefender Core Deployment via API calls?

How do I update to a new license key on a Metadefender Core server?

What types of licenses are available for MetaDefender Core?

After license renewal does the product activation happen automatically (if the license key is the same)?

How to install .NET 8 Runtime dependencies on Linux Distributions?

How to connect LDAP via SSL on Linux

How to Backup and Restore standalone database for MetaDefender Core?

How to install msttcore-fonts on Linux systems?

How to upgrade Amazon Corretto JRE?

Can I activate the product license before the start date?

How to completely uninstall MetaDefender Core?

How to Trust MetaDefender Core’s Self-Signed Certificate When HTTPS Is Enabled?

How are MetaDefender Core AWS AMI images secured and updated?

How to handle high CPU load on MetaDefender Core server?

What will happen to the MD core after the license is expired?

What are the List of folders that should be removed after MetaDefender Core uninstallation on Linux?

How can I fix a failed or looping MetaDefender Core module update by clearing the package cache?

Testing MetaDefender Core

Is there a virus test I could use to test MetaDefender Core engines?

How do I check if "noexec" flag exists on a Linux OS?

How can I run tests to see the different scan results on MetaDefender Core?

Updates, Patches and Bug Fixes

Are scan engine updates automatic?

What operating system patches should be applied to the system hosting MetaDefender Core?

How do I check the update status of MetaDefender Core’s licensed AV scan engines?

What is the frequency of signature/definition updates on MetaDefender Core?

Why does the Deep CDR engine keep failing to update?

What Happens After the Discontinuation of Kaspersky Support for Windows and Linux?

Does a CVE affect MetaDefender Core?

End-of-Life Support for CentOS 7 and RedHat 7 in MetaDefender Core and Engines

End of Life Support for Ubuntu 20.04 and Amazon Linux 2 in MetaDefender Core

How will End of Life Support for Windows Server 2016 and Windows 10 versions before 21H2 in MetaDefender Core affect my deployments?

Will MetaDefender Core Experience Downtime During Engine Updates?

How to Update Antivirus Engines in MetaDefender Core Manually?

What Happens After the Discontinuation of VirusBlokAda and NanoAV Support for Windows and Linux?

What Happens After the Discontinuation of RocketCyber Support for Windows and Linux?

Is MetaDefender Core affected by NGINX CVEs?

Version Upgrades

Are MetaDefender Core v5 upgrades free?

Are MetaDefender Core version upgrades automatic?

How do I manually upgrade to the latest MetaDefender Core version?

What is the latest MetaDefender Core version?

How to upgrade an End-of-Life [EOL] MetaDefender Core?

Can I upgrade MetaDefender Core from an very old version such as version 4.x.x to the latest version 5.x.x?

Can I upgrade MetaDefender Core from a very old version directly to the latest available?

What is the impact of upgrading MetaDefender Core from version 5.12.0 to 5.13.3?

Why Does the MD Core Upgrade Require Significant Disk Space?

Where can I get old engine versions?

Are older antivirus engine module versions available for downgrade?

Is MetaDefender Core affected by NGINX CVEs?

This article applies to MetaDefender Core prior to 5.18.0

Issue

Impact assessment for six NGINX vulnerabilities against MetaDefender Core:

CVE-2026-42945: Not affected. MD Core’s rewrite rules do not use nested or overlapping capture groups, capture substitutions such as $1/$2, or the vulnerable rewrite patterns described in the advisory.
CVE-2026-42946: Not affected. MD Core does not use the scgi_pass or uwsgi_pass modules in the NGINX configuration.
CVE-2026-40460: Not affected. MD Core does not use the HTTP/3 QUIC module.
CVE-2026-42926: Not affected. The NGINX configuration does not use proxy_http_version 2.
CVE-2026-40701: Low risk. The vulnerability only affects deployments using specific mTLS and OCSP validation settings in NGINX. Please verify whether ssl_verify_client on|optional and ssl_ocsp on are enabled in the active NGINX configuration.
CVE-2026-42934: Not affected. The vulnerable configuration combination (charset/source_charset/charset_map together with proxy_pass and proxy_buffering off) is not used in the NGINX configuration.

Resolution

Upgrade to MetaDefender Core 5.19.0 or later for NGINX 1.30.1.
If you must stay on 5.18.0 temporarily, please log a support case

If you require further assistance, please follow these instructions on How to Create Support Package?, before creating a support case or chatting with our support engineer.

Last updated on

Was this page helpful?

On This Page

Is MetaDefender Core affected by NGINX CVEs?Issue Resolution Impact assessment for six NGINX vulnerabilities against MetaDefender Core: