Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-44574

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Next.js is a React framework for building full-stack web applications. From 15.4.0 to before 15.5.16 and 16.2.5, applications that rely on middleware to protect...

8.1CVSS5.8AI score0.00485EPSS
Exploits2References2
NVD
NVD
added 2026/05/13 6:16 p.m.17 views

CVE-2026-44581

Next.js is a React framework for building full-stack web applications. From 13.4.0 to before 15.5.16 and 16.2.5, App Router applications that rely on CSP nonces can be vulnerable to stored cross-site scripting when deployed behind shared caches. In affected versions, malformed nonce values derive...

4.7CVSS0.00222EPSS
Exploits1References1
NVD
NVD
added 2026/05/13 6:16 p.m.19 views

CVE-2026-44578

Next.js is a React framework for building full-stack web applications. From 13.4.13 to before 15.5.16 and 16.2.5, self-hosted applications using the built-in Node.js server can be vulnerable to server-side request forgery through crafted WebSocket upgrade requests. An attacker can cause the serve...

8.6CVSS0.38811EPSS
Exploits9References6
Cvelist
Cvelist
added 2026/05/13 4:57 p.m.64 views

CVE-2026-44576 Next.js: Cache poisoning in React Server Component responses

Next.js is a React framework for building full-stack web applications. From 14.2.0 to before 15.5.16 and 16.2.5, applications using React Server Components can be vulnerable to cache poisoning when shared caches do not correctly partition response variants. Under affected conditions, an attacker...

5.4CVSS0.0025EPSS
Exploits0References1
Rows per page
Query Builder