CVE-2026-53721

CVE-2026-53721 affects Nuxt (Vue.js framework) earlier branches: 3.11.0–3.21.6 and 4.0.0–4.4.6 are vulnerable to a route-rule middleware bypass caused by a case-sensitivity mismatch between vue-router and the routeRules matcher. The issue has been patched in Nuxt versions 3.21.7 and 4.4.7. The CV...

EUVD-2026-36427

Nuxt is an open-source web development framework for Vue.js. From versions 3.11.0 to before 3.21.7 and 4.0.0 to before 4.4.7, there is a route-rule middleware bypass via case-sensitivity mismatch between vue-router and the routeRules matcher. This issue has been patched in versions 3.21.7 and 4.4...

PT-2026-48880

Nuxt is an open-source web development framework for Vue.js. From versions 3.11.0 to before 3.21.7 and 4.0.0 to before 4.4.7, there is a route-rule middleware bypass via case-sensitivity mismatch between vue-router and the routeRules matcher. This issue has been patched in versions 3.21.7 and 4.4...

CVE-2026-29777

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.10, A tenant with write access to an HTTPRoute resource can inject backtick-delimited rule tokens into Traefik's router rule language via unsanitized header or query parameter match values. In shared gateway deployments, this can...