CVE-2026-56697
Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 accept protocol-relative paths such as //evil.com in the reloadNuxtApp function; these pass the script-protocol check but resolve to a cross-origin URL against the current page protocol. Attackers can inject paths like //evil.com to redirect...
PT-2026-51417
Name of the Vulnerable Software and Affected Versions: Nuxt versions 3.x prior to 3.21.7; Nuxt versions 4.0.0 through 4.4.6. Description: Nuxt fails to validate script-capable URLs in the navigateTo open option, which allows for client-side script execution. When user-controlled input is passed to...
Incorrect Default Permissions
Overview: Affected versions of this package are vulnerable to Incorrect Default Permissions via the module and resolve request types in the internal IPC server. An attacker can access sensitive files and secrets by connecting to the world-accessible abstract-namespace Unix socket and issuing craft...
@bloggrify/bento (>=3.0.0 <=3.0.1), @bloggrify/core (>=3.0.0 <=3.1.2) +22 more potentially affected by CVE-2026-47200 via nuxt (>=4.0.0-rc.0 <=4.4.4)
nuxt NPM version =4.0.0-rc.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =1.0.3, =10.0.2, =1.1.11, =1.0.4, =0.4.5, =0.0.0, =0.0.1, =1.0.0, =1.1.0, =2.0.1 and more Source cves: CVE-2026-47200 Source advisory: OSV:GHSA-HG3F-28RG-4JXJ...
@andor83/mother-may-i (>=1.0.1 <=1.0.10), @base_/cli (>=1.0.6 <=1.0.29-beta.26) +56 more potentially affected by CVE-2026-47200 via nuxt (>=3.11.2 <=3.20.1)
nuxt NPM version =3.11.2, =1.0.1, =1.0.6, =1.0.6, =0.9.1, =1.2.1, =1.2.0, =1.1.0, =1.0.0-29304822.f444f03, =8.0.0, =0.3.14, =9.8.3, =1.12.0-rc.5, =1.0.1-alpha.0, =1.0.1-alpha.33 and more Source cves: CVE-2026-47200 Source advisory: SNYK:JS-NUXT-17111072...
@bloggrify/bento (>=3.0.0 <=3.0.1), @bloggrify/core (>=3.0.0 <=3.1.2) +22 more potentially affected by CVE-2026-46342 via nuxt (>=4.0.0-rc.0 <=4.4.4)
nuxt NPM version =4.0.0-rc.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =1.0.3, =10.0.2, =1.1.11, =1.0.4, =0.4.5, =0.0.0, =0.0.1, =1.0.0, =1.1.0, =2.0.1 and more Source cves: CVE-2026-46342 Source advisory: SNYK:JS-NUXT-16770418...
@classement-des-associations/website-theme (=0.1.3), @geode/opengeodeweb-front (>=9.13.1 <=10.0.2-rc.4) +22 more potentially affected by CVE-2026-46342 via nuxt (>=3.1.2 <=3.20.1)
nuxt NPM version =3.1.2, =9.13.1, =0.20.1, =0.15.1, =0.13.1, =0.16.0, =0.10.1, =0.16.1, =0.13.0, =1.0.0-beta.1, =1.1.0-beta.1, =1.1.0-beta.3 and more Source cves: CVE-2026-46342 Source advisory: SNYK:JS-NUXT-16770418...
@classement-des-associations/website-theme (=0.1.3), @geode/opengeodeweb-front (>=9.13.1 <=10.0.2-rc.4) +22 more potentially affected by CVE-2026-46342 via nuxt (>=3.1.2 <=3.20.1)
nuxt NPM version =3.1.2, =9.13.1, =0.20.1, =0.15.1, =0.13.1, =0.16.0, =0.10.1, =0.16.1, =0.13.0, =1.0.0-beta.1, =1.1.0-beta.1, =1.1.0-beta.3 and more Source cves: CVE-2026-46342 Source advisory: OSV:GHSA-G8WJ-3CR3-6W7V...
@bloggrify/bento (>=3.0.0 <=3.0.1), @bloggrify/core (>=3.0.0 <=3.1.2) +22 more potentially affected by CVE-2026-46342 via nuxt (>=4.0.0-rc.0 <=4.4.4)
nuxt NPM version =4.0.0-rc.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =1.0.3, =10.0.2, =1.1.11, =1.0.4, =0.4.5, =0.0.0, =0.0.1, =1.0.0, =1.1.0, =2.0.1 and more Source cves: CVE-2026-46342 Source advisory: OSV:GHSA-G8WJ-3CR3-6W7V...
@bloggrify/bento (>=3.0.0 <=3.0.1), @bloggrify/core (>=3.0.0 <=3.1.2) +22 more potentially affected by CVE-2026-45669 via nuxt (>=4.0.0-rc.0 <=4.4.4)
nuxt NPM version =4.0.0-rc.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =1.0.3, =10.0.2, =1.1.11, =1.0.4, =0.4.5, =0.0.0, =0.0.1, =1.0.0, =1.1.0, =2.0.1 and more Source cves: CVE-2026-45669 Source advisory: OSV:GHSA-FX6J-W5W5-H468...
@bloggrify/bento (>=3.0.0 <=3.0.1), @bloggrify/core (>=3.0.0 <=3.1.2) +22 more potentially affected by CVE-2026-45669 via nuxt (>=4.0.0-rc.0 <=4.4.4)
nuxt NPM version =4.0.0-rc.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =1.0.3, =10.0.2, =1.1.11, =1.0.4, =0.4.5, =0.0.0, =0.0.1, =1.0.0, =1.1.0, =2.0.1 and more Source cves: CVE-2026-45669 Source advisory: SNYK:JS-NUXT-16770149...
Denial Of Service (DoS)
Nuxt is vulnerable to Denial of Service (DoS). The vulnerability is due to improper handling of query strings in CDN-cached routes, where crafted requests such as /?/payload.json can cause JSON responses to be cached and served to normal users, allowing attackers to poison the CDN cache and rende...
CVE-2024-34343
Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. The navigateTo function attempts to block the javascript: protocol, but does not correctly use APIs provided by unjs/ufo. This library also contains parsing discrepancies. The function first...
EUVD-2025-0132
Malicious code in bioql PyPI...
CVE-2025-59414
Nuxt (Vue.js framework) exposes a client-side path traversal in the Island payload revival during prerendering. The vulnerability occurs in the revive-payload.client.ts flow when serialized __nuxt_island objects trigger Island fetches via /__nuxt_island/${key}.json, with key potentially containin...
CVE-2025-27415
Nuxt is an open-source web development framework for Vue.js. Prior to 3.16.0, by sending a crafted HTTP request to a server behind a CDN, it is possible in some circumstances to poison the CDN cache and severely impact the availability of a site. It is possible to craft a request, such as...
CVE-2025-27415
CVE-2025-27415 affects Nuxt (Vue.js framework) prior to version 3.16.0. A crafted HTTP request sent to a server behind a CDN can poison the CDN cache under certain conditions, potentially rendering JSON like https://mysite.com/?/_payload.json and causing the cached response to be served to future...
Nuxt Security Vulnerability
Nuxt is a free open source framework from Nuxt Open Source. A security vulnerability exists in Nuxt versions prior to 3.16.0 that originates from a specially crafted HTTP request sent to a server behind a CDN, which may poison the CDN cache in some cases, severely impacting site availability...
Cross-Origin Resource Sharing (CORS) Misconfiguration
Nuxt is vulnerable to Cross-Origin Resource Sharing (CORS) misconfiguration. The vulnerability is due to default CORS settings in Nuxt, which allowed any website to send requests to the development server and read the responses. It allows an attacker to send requests from a malicious website and...
Script Injection
Nuxt is vulnerable to script injection. The vulnerability is due to the lack of same-origin policy enforcement for script requests, which allows attackers to inject malicious scripts into a victim's site via a script tag, bypassing security measures intended to prevent such cross-origin interactions...