Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2026/02/25 10:33 p.m.9 views

@chocolatey-software/astro (>=2.0.0 <=2.5.0), choco-astro (>=0.3.1 <=0.4.0) potentially affected by CVE-2026-27729 via @astrojs/node (>=9.2.2 <=9.5.2)

@astrojs/node NPM version =9.2.2, =2.0.0, =0.3.1, =0.4.0 Source cves: CVE-2026-27729 Source advisory: OSV:GHSA-JM64-8M5Q-4QH8...

7.5CVSS5.8AI score0.00415EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/02/24 3:24 a.m.8 views

@antonyfaris/prefix-node-builtins (>=1.0.0 <=1.0.1), @anyauth/design-system (>=0.5.0 <=0.5.1) +21 more potentially affected by CVE-2026-27729 via astro (>=5.10.1 <=5.17.2)

astro NPM version =5.10.1, =1.0.0, =0.5.0, =0.0.1, =0.1.0, =0.0.1, =2.0.0, =2.18.7, =0.1.2-alpha.1, =0.0.28, =0.0.28, =1.5.1, =1.13.2, =0.0.1, =0.0.2 and more Source cves: CVE-2026-27729 Source advisory: SNYK:JS-ASTRO-15338138...

7.5CVSS5.8AI score0.00415EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/02/24 3:24 a.m.8 views

@stnd/build (=0.18.70), stnd (=0.18.70) potentially affected by CVE-2026-27729 via astro (=6.0.0-beta.1)

astro NPM version =6.0.0-beta.1 is affected by a known vulnerability. The following packages have a transitive dependency on astro and may be impacted: - @stnd/build =0.18.70 - stnd =0.18.70 Source cves: CVE-2026-27729 Source advisory: SNYK:JS-ASTRO-15338138...

7.5CVSS5.8AI score0.00415EPSS
Exploits1
NVD
NVD
added 2026/02/24 1:16 a.m.11 views

CVE-2026-27729

Astro is a web framework. In versions 9.0.0 through 9.5.3, Astro server actions have no default request body size limit, which can lead to memory exhaustion DoS. A single large POST to a valid action endpoint can crash the server process on memory-constrained deployments. On-demand rendered sites...

7.5CVSS0.00415EPSS
Exploits1References4
Rows per page
Query Builder