Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-54298 |
|
Cross-Site Scripting (XSS) in astro (CVE-2026-54298)
cross-site scripting in astro (CVE-2026-54298). Risk of unauthorized operations or information disclosure. Exploitable via ``spreadAttributes``. Mitigation: upgrade to `6.4.6` or later.
|
| CVE-2026-54299 |
|
Vulnerability in astro (CVE-2026-54299)
vulnerability in astro (CVE-2026-54299). Confidential information can be exposed externally. Exploitable via ``request.url``. Mitigation: upgrade to `6.4.6` or later.
|
| CVE-2026-50146 |
|
Vulnerability in astro (CVE-2026-50146)
vulnerability in astro (CVE-2026-50146). Data can be tampered with by attackers. Exploitable via ``astro.config.mjs``. Mitigation: upgrade to `6.3.3` or later.
|
| CVE-2026-45028 |
|
Vulnerability in astro (CVE-2026-45028)
vulnerability in astro (CVE-2026-45028). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.1.10` or later.
|