VYPR
Critical severity9.8NVD Advisory· Published Feb 27, 2026· Updated Apr 14, 2026

CVE-2026-2293

CVE-2026-2293

Description

A NestJS application using @nestjs/platform-fastify can allow bypass of authentication/authorization middleware when Fastify path-normalization options are enabled.

This issue affects nest.Js: 11.1.13.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
@nestjs/platform-fastifynpm
< 11.1.1411.1.14

Affected products

2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.