VYPR
Vendor

Nuxt

Products
2
CVEs
22
Across products
22
Status
Private

Recent CVEs

22
  • CVE-2026-53721 | High | Jun 12, 2026
    risk 0.46 | cvss 8.2 | epss 0.00

    Nuxt is an open-source web development framework for Vue.js. From versions 3.11.0 to before 3.21.7 and 4.0.0 to before 4.4.7, there is a route-rule middleware bypass via case-sensitivity mismatch between vue-router and the routeRules matcher. This issue has been patched in…

  • CVE-2026-34404 | High | Mar 31, 2026
    risk 0.42 | cvss 7.5 | epss 0.00

    Nuxt OG Image generates OG Images with Vue templates in Nuxt. Prior to version 6.2.5, the image-generation component at the URI /_og/d/ (and, in older versions, /og-image/) contains a Denial of Service (DoS) vulnerability. The issue arises because there is no restriction on…

  • CVE-2026-34405 | Medium | Mar 31, 2026
    risk 0.33 | cvss 6.1 | epss 0.00

    Nuxt OG Image generates OG Images with Vue templates in Nuxt. Prior to version 6.2.5, the image-generation component at the URI /_og/d/ (and, in older versions, /og-image/) contains a vulnerability that allows injection of arbitrary attributes into the HTML page body. This…

  • CVE-2026-49993 | Medium | Jun 12, 2026
    risk 0.30 | cvss 5.7 | epss 0.00

    Nuxt is an open-source web development framework for Vue.js. In @nuxt/rspack-builder and @nuxt/webpack-builder from versions 3.15.4 to before 3.21.7 and 4.0.0 to before 4.4.7, there is an incomplete fix for GHSA-6m52-m754-pw2g. Source code may still be stolen during dev when…

  • CVE-2026-53722 | Medium | Jun 12, 2026
    risk 0.28 | cvss 5.4 | epss 0.00

    Nuxt is an open-source web development framework for Vue.js. Prior to versions 3.21.7 and 4.4.7, did not validate the URL scheme of values bound to its to or href props before rendering them into the href attribute of the underlying element. When an application…

  • CVE-2026-46342 | Medium | Jun 12, 2026
    risk 0.28 | cvss 5.4 | epss 0.00

    Nuxt is an open-source web development framework for Vue.js. In Nuxt versions 3.1.0 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6 and @nuxt/nitro-server versions 3.20.0 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6, the /__nuxt_island/* endpoint accepts…

  • CVE-2026-45670 | Medium | Jun 12, 2026
    risk 0.28 | cvss 5.4 | epss 0.00

    Nuxt is an open-source web development framework for Vue.js. In @nuxt/rspack-builder and @nuxt/webpack-builder versions 3.15.4 to before 3.21.6, and 4.0.0-alpha.1 to before 4.4.6, there is an incomplete fix for GHSA-4gf7-ff8x-hq99. Source code may be stolen during dev when using…

  • CVE-2026-45669 | Medium | Jun 12, 2026
    risk 0.28 | cvss 5.4 | epss 0.00

    Nuxt is an open-source web development framework for Vue.js. From versions 3.4.3 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6, navigateTo() with external: true generates a server-side HTML redirect body containing a tag. The destination URL is…

  • CVE-2026-47200 | Medium | Jun 12, 2026
    risk 0.27 | cvss 5.3 | epss 0.00

    Nuxt is an open-source web development framework for Vue.js. In Nuxt versions 3.11.0 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6 and @nuxt/nitro-server versions 3.20.0 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6, when experimental.componentIslands is enabled…

  • CVE-2025-24361 | Medium | Jan 25, 2025
    risk 0.27 | cvss 5.3 | epss 0.00

    Nuxt is an open-source web development framework for Vue.js. Source code may be stolen during dev when using version 3.0.0 through 3.15.12 of the webpack builder or version 3.12.2 through 3.152 of the rspack builder and a victim opens a malicious web site. Because the request…

  • CVE-2025-24360 | Medium | Jan 25, 2025
    risk 0.27 | cvss 5.3 | epss 0.01

    Nuxt is an open-source web development framework for Vue.js. Starting in version 3.8.1 and prior to version 3.15.3, Nuxt allows any website to send any request to the development server and read the response due to default CORS settings. Users with the default server.cors…

  • CVE-2026-56301 | Jun 23, 2026
    risk 0.00 | cvss n/a | epss 0.00

    Nuxt 4.0.0 before 4.4.7 and 3.18.0 before 3.21.7, when running the development server (nuxt dev) on Linux, binds the vite-node IPC server to an abstract-namespace Unix socket without permission restrictions, allowing local users to enumerate and connect. Unprivileged co-resident…

  • CVE-2026-56698 | Jun 22, 2026
    risk 0.00 | cvss n/a | epss 0.00

    Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 fail to validate script-capable URLs in the navigateTo open option, allowing client-side script execution. Attackers can supply javascript: URLs through the open parameter to execute arbitrary scripts in the application's…

  • CVE-2026-56697 | Jun 22, 2026
    risk 0.00 | cvss n/a | epss 0.00

    Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 accept protocol-relative paths such as //evil.com in the reloadNuxtApp function; these pass the script-protocol check but resolve to a cross-origin URL against the current page protocol. Attackers can inject paths like…

  • CVE-2026-56326 | Jun 22, 2026
    risk 0.00 | cvss n/a | epss 0.00

    Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 contain a server-side open redirect vulnerability in navigateTo that fails to properly validate path-normalized payloads like /..//evil.com and /.//evil.com. Attackers can bypass external-host checks using path-normalization…

  • CVE-2026-56317 | Jun 20, 2026
    risk 0.00 | cvss n/a | epss 0.00

    Nuxt before 4.4.7 (and the 3.x branch before 3.21.7) contains a cross-site scripting vulnerability in the NoScript component that writes slot content to innerHTML without escaping. Attackers can inject malicious scripts through untrusted data in NoScript slots, such as…

  • CVE-2025-59414 | Sep 17, 2025
    risk 0.00 | cvss n/a | epss 0.00

    Nuxt is an open-source web development framework for Vue.js. Prior to 3.19.0 and 4.1.0, a client-side path traversal vulnerability in Nuxt's Island payload revival mechanism allowed attackers to manipulate client-side requests to different endpoints within the same application…

  • CVE-2025-27415 | Mar 19, 2025
    risk 0.00 | cvss n/a | epss 0.00

    Nuxt is an open-source web development framework for Vue.js. Prior to 3.16.0, by sending a crafted HTTP request to a server behind a CDN, it is possible in some circumstances to poison the CDN cache and highly impact the availability of a site. It is possible to craft a…

  • CVE-2024-34344 | Aug 5, 2024
    risk 0.00 | cvss n/a | epss 0.01

    Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. Due to the insufficient validation of the `path` parameter in the NuxtTestComponentWrapper, an attacker can execute arbitrary JavaScript on the server side, which allows them…

  • CVE-2024-34343 | Aug 5, 2024
    risk 0.00 | cvss n/a | epss 0.00

    Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. The `navigateTo` function attempts to block the `javascript:` protocol, but does not correctly use APIs provided by `unjs/ufo`. This library also contains parsing…