Package impact
npm / nuxt
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-45669 | medium | — | 5.5 | 10d ago | Nuxt: Reflected XSS in `navigateTo()` external redirect | |||
| CVE-2026-46342 | low | — | 2.5 | 10d ago | Nuxt: `__nuxt_island` endpoint does not bind responses to request props, enabling shared-cache poisoning | |||
| CVE-2026-47200 | unknown | — | — | 3h ago | Nuxt's route middleware is not enforced when rendering `.server.vue` pages via `/__nuxt_island/page_*` |