CVE-2026-2293
Summary: CVE-2026-2293 describes a bypass of authentication/authorization in NestJS apps using @nestjs/platform-fastify when Fastify path-normalization options are enabled. The root cause is a mismatch between middleware evaluation and route dispatch due to differing URL interpretations, allowing...
CVE-2026-2293
A NestJS application using @nestjs/platform-fastify can allow bypass of authentication/authorization middleware when Fastify path-normalization options are enabled. This issue affects nest.Js: 11.1.13...
CVE-2026-2293 NestJS 11.1.13 - Lack of data validation allowing authentication/authorization bypass
A NestJS application using @nestjs/platform-fastify can allow bypass of authentication/authorization middleware when Fastify path-normalization options are enabled. This issue affects nest.Js: 11.1.13...
@fastify/middie security vulnerability
@fastify/middie is an open-source middleware engine developed by Fastify. Versions of @fastify/middie prior to 9.2.0 contained security vulnerabilities. These vulnerabilities stemmed from the possibility of bypassing path-scoped middleware when using router normalization options, which could...
nest security vulnerability
nest is a Node.js framework developed by Nestjs, designed for building efficient, scalable, and enterprise-level server-side applications using TypeScript/JavaScript. Version 11.1.13 of nest contains a security vulnerability. This vulnerability arises from NestJS applications that utilize...
PT-2026-22377
Name of the Vulnerable Software and Affected Versions: @fastify/middie versions prior to 9.2.0. Description: A flaw exists in @fastify/middie that can lead to authentication or authorization bypass when path-scoped middleware is used, such as with app.use('/secret', auth). This occurs when Fastify...
PT-2026-22347
Name of the Vulnerable Software and Affected Versions: Nest.js version 11.1.13. Description: A NestJS application utilizing the @nestjs/platform-fastify package may experience a bypass of authentication and authorization middleware when Fastify path-normalization options are enabled. This can...
GO-2026-4538 Caddy MatchPath %xx branch skips case normalization in github.com/caddyserver/caddy/v2
Caddy MatchPath %xx branch skips case normalization in github.com/caddyserver/caddy/v2...
CVE-2026-27704 Dart SDK and Flutter SDK have Zip slip in Dart Pub package extraction
The Dart and Flutter SDKs provide software development kits for the Dart programming language. In versions of the Dart SDK prior to 3.11.0 and the Flutter SDK prior to version 3.41.0, when the pub client (dart pub and flutter pub) extracts a package in the pub cache, a malicious package archive can...
CVE-2026-27704
The CVE-2026-27704 issue affects the Dart SDKs and Flutter SDKs prior to versions 3.11.0 and 3.41.0, respectively. During package extraction in the pub cache (via dart pub and flutter pub), a malicious package archive could cause files to be written outside the destination directory due to a path...
PT-2026-21924
Name of the Vulnerable Software and Affected Versions: Dart SDK versions prior to 3.11.0; Flutter SDK versions prior to 3.41.0. Description: The Dart and Flutter SDKs are susceptible to a path traversal issue within the pub client (dart pub and flutter pub) when extracting package archives from the PUB...
Caddy: MatchHost becomes case-sensitive for large host lists (>100), enabling host-based route/auth bypass
Summary: Caddy's HTTP host request matcher is documented as case-insensitive, but when configured with a large host list (more than 100 entries) it becomes case-sensitive due to an optimized matching path. An attacker can bypass host-based routing and any access controls attached to that route by changing the...
CVE-2026-27587 Caddy: MatchPath %xx (escaped-path) branch skips case normalization, enabling path-based route/auth bypass
Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's HTTP path request matcher is intended to be case-insensitive, but when the match pattern contains percent-escape sequences %xx it compares against the request's escaped path without lowercasing. An...
CVE-2026-27587
CVE-2026-27587 affects Caddy prior to 2.11.1. The HTTP path matcher is intended to be case-insensitive, but when the pattern contains percent-escape sequences (%xx) it compares against the escaped path without lowercasing, allowing an attacker to bypass path-based routing or access controls by al...
CVE-2026-27007
OpenClaw is a personal AI assistant. Prior to version 2026.2.15, normalizeForHash in src/agents/sandbox/config-hash.ts recursively sorted arrays that contained only primitive values. This made order-sensitive sandbox configuration arrays hash to the same value even when order changed. In OpenClaw...