Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-56301 |
|
Vulnerability in nuxt (CVE-2026-56301)
vulnerability in nuxt (CVE-2026-56301). Confidential information can be exposed externally.
|
| CVE-2026-56697 |
|
Open Redirect in nuxt (CVE-2026-56697)
vulnerability in nuxt (CVE-2026-56697). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56698 |
|
Cross-Site Scripting (XSS) in nuxt (CVE-2026-56698)
cross-site scripting in nuxt (CVE-2026-56698). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56317 |
|
Cross-Site Scripting (XSS) in nuxt (CVE-2026-56317)
cross-site scripting in nuxt (CVE-2026-56317). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56326 |
|
Open Redirect in nuxt (CVE-2026-56326)
vulnerability in nuxt (CVE-2026-56326). Risk of unauthorized operations or information disclosure. Exploitable via ``navigateTo``. Mitigation: upgrade to `3.21.7` or later.
|
| CVE-2026-53721 |
|
Vulnerability in nuxt (CVE-2026-53721)
vulnerability in nuxt (CVE-2026-53721). Confidential information can be exposed externally. Exploitable via ``routeRules``. Mitigation: upgrade to `3.21.7` or later.
|
| CVE-2026-53722 |
|
Cross-Site Scripting (XSS) in nuxt (CVE-2026-53722)
cross-site scripting in nuxt (CVE-2026-53722). Risk of unauthorized operations or information disclosure. Exploitable via ``href``. Mitigation: upgrade to `3.21.7` or later.
|
| CVE-2026-49993 |
|
Vulnerability in @nuxt/webpack-builder (CVE-2026-49993)
vulnerability in @nuxt/webpack-builder (CVE-2026-49993). Confidential information can be exposed externally. Exploitable via ``Origin``. Mitigation: upgrade to `3.21.7` or later.
|
| CVE-2026-47200 |
|
Vulnerability in nuxt (CVE-2026-47200)
vulnerability in nuxt (CVE-2026-47200). Risk of unauthorized operations or information disclosure. Exploitable via ``experimental.componentIslands``. Mitigation: upgrade to `4.4.6` or later.
|
| CVE-2026-46342 |
|
Cross-Site Scripting (XSS) in nuxt (CVE-2026-46342)
cross-site scripting in nuxt (CVE-2026-46342). Risk of unauthorized operations or information disclosure. Exploitable via ``props``. Mitigation: upgrade to `4.4.6` or later.
|
| CVE-2026-45670 |
|
Vulnerability in @nuxt/rspack-builder (CVE-2026-45670)
vulnerability in @nuxt/rspack-builder (CVE-2026-45670). Risk of unauthorized operations or information disclosure. Exploitable via ``script.src``. Mitigation: upgrade to `4.4.6` or later.
|
| CVE-2026-45669 |
|
Vulnerability in nuxt (CVE-2026-45669)
vulnerability in nuxt (CVE-2026-45669). Risk of unauthorized operations or information disclosure. Exploitable via ``Location``. Mitigation: upgrade to `4.4.6` or later.
|