Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-44373 |
|
Path Traversal in nitro (CVE-2026-44373)
path traversal in nitro (CVE-2026-44373). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/orders/..`. Mitigation: upgrade to `3.0.260429-beta` or later.
|
| CVE-2026-44372 |
|
Open Redirect in nitro (CVE-2026-44372)
vulnerability in nitro (CVE-2026-44372). Risk of unauthorized operations or information disclosure. Exploitable via `GET /legacy//evil.com`. Mitigation: upgrade to `3.0.260429-beta` or later.
|