Lucene search
K

168 matches found

Nuclei
Nuclei
added yesterday16 views

Astro - Unauthorized Third-Party Image Access

Astro 5.13.2 and 4.16.18 contains an information disclosure vulnerability caused by improper validation of protocol-relative URLs in the image optimization endpoint, letting attackers serve images from unauthorized third-party domains, exploit requires on-demand rendering deployment. id:...

6.9CVSS6.1AI score0.00594EPSS
Exploits1References2
NVD
NVD
added 5 days ago10 views

CVE-2026-59731

Astro is a web framework for content-driven websites. Version 6.4.7 performs authorization decisions on a partially decoded pathname after reaching the iterative URL decoder limit, while later rewrite route matching performs an additional decodeURI operation and can resolve the request to a...

8.2CVSS0.00267EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 5 days ago5 views

PT-2026-56516

Name of the Vulnerable Software and Affected Versions Astro version 6.4.7 Description Astro performs authorization decisions on a partially decoded pathname after reaching the iterative URL decoder limit. Subsequently, rewrite route matching performs an additional decodeURI operation, which can...

8.2CVSS6.1AI score0.00267EPSS
Exploits0References11
NVD
NVD
added 2026/06/22 7:17 p.m.11 views

CVE-2026-54298

Astro is a web framework. Prior to 6.4.6, the spreadAttributes function in Astro's server-side rendering pipeline iterates over object keys and passes them directly to addAttribute, which interpolates the key into the HTML output without escaping. When a developer uses the spread syntax ...props ...

6.1CVSS0.0016EPSS
Exploits1References1
NVD
NVD
added 2026/06/22 7:17 p.m.30 views

CVE-2026-50146

Astro is a web framework. Prior to 6.3.3, when a component uses a client: directive, Astro inserts named slot content into a data-astro-template attribute without HTML escaping the slot name allowing an attacker to break out of the attribute context and inject arbitrary HTML, resulting in reflect...

7.1CVSS0.00177EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/22 5:33 p.m.32 views

CVE-2026-54299 Astro: Host-header full-read SSRF in core prerendered error-page fetch (prerenderedErrorPageFetch default + unvalidated createRequestFromNodeRequest URL)

Astro is a web framework. Prior to 6.4.6, Astro SSR apps with prerendered error pages /404 or /500 using export const prerender = true fetch those pages over HTTP at runtime when an error occurs. The URL for this fetch is derived from request.url, which in turn gets its origin from the incoming...

7.5CVSS0.00196EPSS
Exploits0References1
CVE
CVE
added 2026/06/22 5:33 p.m.28 views

CVE-2026-54299

Summary of CVE-2026-54299 (Astro) : Astro SSR apps that prerender error pages (e.g., 404/500 with prerender = true) fetch those pages over HTTP using a URL derived from request.url, which is based on the Host header. If Host is not validated against allowedDomains, an attacker can direct the fetc...

7.5CVSS6AI score0.00196EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/22 5:33 p.m.4 views

CVE-2026-54299

Astro is a web framework. Prior to 6.4.6, Astro SSR apps with prerendered error pages /404 or /500 using export const prerender = true fetch those pages over HTTP at runtime when an error occurs. The URL for this fetch is derived from request.url, which in turn gets its origin from the incoming...

7.5CVSS6AI score0.00196EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/22 5:33 p.m.17 views

CVE-2026-54298

Astro, prior to 6.4.6, is vulnerable to XSS via unescaped attribute names when spreading props onto HTML elements. The spreadAttributes path iterates over object keys and passes them to addAttribute, which interpolates the key into the HTML output without escaping, allowing attackers to inject ev...

6.1CVSS6AI score0.0016EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/22 5:31 p.m.6 views

CVE-2026-50146

Astro is a web framework. Prior to 6.3.3, when a component uses a client: directive, Astro inserts named slot content into a data-astro-template attribute without HTML escaping the slot name allowing an attacker to break out of the attribute context and inject arbitrary HTML, resulting in reflect...

7.1CVSS5.9AI score0.00177EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/06/22 5:31 p.m.22 views

CVE-2026-50146

CVE-2026-50146 affects the Astro web framework prior to 6.3.3. When a component uses a client:* directive, Astro inserts named slot content into a data-astro-template attribute without escaping the slot name, allowing an attacker to break out of the attribute context and inject arbitrary HTML, re...

7.1CVSS5.9AI score0.00177EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/06/22 5:31 p.m.33 views

CVE-2026-50146 Astro: Reflected XSS via unescaped slot name

Astro is a web framework. Prior to 6.3.3, when a component uses a client: directive, Astro inserts named slot content into a data-astro-template attribute without HTML escaping the slot name allowing an attacker to break out of the attribute context and inject arbitrary HTML, resulting in reflect...

7.1CVSS0.00177EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:36 p.m.11 views

CVE-2026-41067

Astro is a web framework. Prior to 6.1.6, the defineScriptVars function in Astro's server-side rendering pipeline uses a case-sensitive regex //g to sanitize values injected into inline ,...

6.1CVSS5.4AI score0.00189EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/05/14 7:58 p.m.10 views

CVE-2026-45028

Astro is a web framework. Astro versions prior to 6.1.10 used AES-GCM encryption to protect the confidentiality and integrity of server island props and slots parameters, but did not bind the ciphertext to its intended component or parameter type. An attacker could replay one component's encrypte...

6.3CVSS5.8AI score0.00144EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/05/14 1:15 p.m.89 views

portofolio_DWForSec

DwF — Cybersecurity Portfolio A professional cybersecurity po...

5.7AI score
Exploits0
NVD
NVD
added 2026/05/13 4:17 p.m.18 views

CVE-2026-45028

Astro is a web framework. Astro versions prior to 6.1.10 used AES-GCM encryption to protect the confidentiality and integrity of server island props and slots parameters, but did not bind the ciphertext to its intended component or parameter type. An attacker could replay one component's encrypte...

6.3CVSS0.00144EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/13 3:50 p.m.5 views

CVE-2026-45028 Astro: Server island encrypted parameters vulnerable to cross-component replay

Astro is a web framework. Astro versions prior to 6.1.10 used AES-GCM encryption to protect the confidentiality and integrity of server island props and slots parameters, but did not bind the ciphertext to its intended component or parameter type. An attacker could replay one component's encrypte...

6.3CVSS5.8AI score0.00144EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.20 views

Astro 安全漏洞

Astro is a content-driven website framework developed by Astro OpenSource. Versions of Astro prior to 6.1.10 contained security vulnerabilities. These vulnerabilities stemmed from the use of AES-GCM encryption to protect server island attributes and slot parameters, where the ciphertext was not...

6.3CVSS5.7AI score0.00144EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2026/04/30 12:0 a.m.6 views

VulnCheck KEV: CVE-2025-58179

Astro is a web framework for content-driven websites. Versions 11.0.3 through 12.6.5 are vulnerable to SSRF when using Astro's Cloudflare adapter. When configured with output: 'server' while using the default imageService: 'compile', the generated image optimization endpoint doesn't check the URL...

7.2CVSS5.2AI score0.00773EPSS
In wildExploits1References2
RedhatCVE
RedhatCVE
added 2026/04/27 7:23 p.m.4 views

CVE-2026-41248

Clerk JavaScript is the official JavaScript repository for Clerk authentication. createRouteMatcher in @clerk/nextjs, @clerk/nuxt, and @clerk/astro can be bypassed by certain crafted requests, allowing them to skip middleware gating and reach downstream handlers. This vulnerability is fixed in...

9.1CVSS5.2AI score0.00323EPSS
Exploits0References1
Rows per page
Query Builder