diff --git a/docker-compose.yml b/docker-compose.yml
index ea8ea1a..6f87fe9 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -380,9 +380,11 @@ services:
       retries: 3
 
   frontend:
-    # CVE-2026-42945 (NGINX Rift, ngx_http_rewrite_module heap overflow, CVSS 9.2)
-    # 대응: 미고정 nginx:alpine → 패치 stable 버전 고정 (fix in 1.30.1 / 1.31.0)
-    image: nginx:1.30.1-alpine
+    # ngx_http_rewrite_module 힙 오버플로우 2건 대응 (미고정 nginx:alpine → 패치 stable 고정)
+    #  - CVE-2026-42945 (NGINX Rift, CVSS 9.2): fixed in 1.30.1+ / 1.31.0+
+    #  - CVE-2026-9256  (nginx-poolslip, 영향 ~1.31.0): fixed in 1.30.2+ / 1.31.1+
+    # → 둘 다 커버하는 최소 stable = 1.30.2
+    image: nginx:1.30.2-alpine
     container_name: frontend
     restart: unless-stopped
     depends_on: