Lucene search
+L

4 matches found

CVE
CVE
added 2026/06/26 6:13 p.m.16 views

CVE-2026-54753

Summary (CVE-2026-54753) Nx's nx graph local HTTP server (in versions 17.0.4 through 22.7.2 and 23.0.0-beta.2) exposed an overly permissive CORS policy by returning Access-Control-Allow-Origin: * on every response. This enabled cross-origin access to sensitive server data, including the full proj...

5.9CVSS5.9AI score0.00812EPSS
Exploits0References2
OSV
OSV
added 2026/06/26 6:13 p.m.2 views

CVE-2026-54753 Nx: `nx graph` dev server permissive CORS policy

Nx is a monorepo solution for TypeScript and polyglot codebases. From 17.0.4 until 22.7.2 and 23.0.0-beta.2, the local HTTP server started by nx graph sent Access-Control-Allow-Origin: on every response, letting any website a developer visited read the server's responses cross-origin — including...

5.9CVSS6AI score0.00812EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/26 6:13 p.m.8 views

EUVD-2026-39831

Nx is a monorepo solution for TypeScript and polyglot codebases. From 17.0.4 until 22.7.2 and 23.0.0-beta.2, the local HTTP server started by nx graph sent Access-Control-Allow-Origin: on every response, letting any website a developer visited read the server's responses cross-origin — including...

5.9CVSS5.9AI score0.00812EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/26 6:13 p.m.41 views

CVE-2026-54753 Nx: `nx graph` dev server permissive CORS policy

Nx is a monorepo solution for TypeScript and polyglot codebases. From 17.0.4 until 22.7.2 and 23.0.0-beta.2, the local HTTP server started by nx graph sent Access-Control-Allow-Origin: on every response, letting any website a developer visited read the server's responses cross-origin — including...

5.9CVSS0.00812EPSS
Exploits0References2
Rows per page
Query Builder