CVE-2026-56326 - Medium Severity Vulnerability
Vulnerable Library - nuxt-2.14.3.tgz
A minimalistic framework for server-rendered Vue.js applications (inspired by Next.js)
Library home page: https://registry.npmjs.org/nuxt/-/nuxt-2.14.3.tgz
Path to dependency file: /package.json
Path to vulnerable library: /node_modules/nuxt/package.json
Dependency Hierarchy:
- ❌ nuxt-2.14.3.tgz (Vulnerable Library)
Found in HEAD commit: de1c2b0d1a23367b161c2d995029f9693bd8a155
Found in base branch: master
Vulnerability Details
Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 contain a server-side open redirect vulnerability in navigateTo that fails to properly validate path-normalized payloads like /..//evil.com and /.//evil.com. Attackers can bypass external-host checks using path-normalization techniques to redirect users to attacker-controlled sites via the Location header or meta-refresh, enabling phishing and OAuth authorization-code theft.
Publish Date: 2026-06-22
URL: CVE-2026-56326
CVSS 3 Score Details (6.1)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Changed
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: None
For more information on CVSS3 Scores, click here.
Suggested Fix
Type: Upgrade version
Release Date: 2026-06-22
Fix Resolution: https://github.com/nuxt/nuxt.git - v3.21.7,https://github.com/nuxt/nuxt.git - v4.4.7
Step up your Open Source Security Game with Mend here
CVE-2026-56326 - Medium Severity Vulnerability
A minimalistic framework for server-rendered Vue.js applications (inspired by Next.js)
Library home page: https://registry.npmjs.org/nuxt/-/nuxt-2.14.3.tgz
Path to dependency file: /package.json
Path to vulnerable library: /node_modules/nuxt/package.json
Dependency Hierarchy:
Found in HEAD commit: de1c2b0d1a23367b161c2d995029f9693bd8a155
Found in base branch: master
Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 contain a server-side open redirect vulnerability in navigateTo that fails to properly validate path-normalized payloads like /..//evil.com and /.//evil.com. Attackers can bypass external-host checks using path-normalization techniques to redirect users to attacker-controlled sites via the Location header or meta-refresh, enabling phishing and OAuth authorization-code theft.
Publish Date: 2026-06-22
URL: CVE-2026-56326
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Changed
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: None
For more information on CVSS3 Scores, click here.Type: Upgrade version
Release Date: 2026-06-22
Fix Resolution: https://github.com/nuxt/nuxt.git - v3.21.7,https://github.com/nuxt/nuxt.git - v4.4.7
Step up your Open Source Security Game with Mend here