CVE-2026-47200

Severity: Medium (CVSS 4.0 base score 6.3) · EPSS 13.7%
Published Jun 12, 2026 · Last Modified Jun 17, 2026

Description

Nuxt is an open-source web development framework for Vue.js. In Nuxt versions 3.11.0 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6 and @nuxt/nitro-server versions 3.20.0 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6, when experimental.componentIslands is enabled (default in Nuxt 4), any .server.vue file under pages/ is automatically registered as a server island under the key page_<routeName> and exposed via the /__nuxt_island/:name endpoint. Until this fix, requests through that endpoint rendered the page component directly via the SSR renderer without instantiating Vue Router, which meant route middleware declared on the page (including definePageMeta({ middleware })) did not run. This issue has been patched in versions 3.21.6 and 4.4.6.
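
One way to look for requests to these page-level islands in web server logs, as an added example (not code from Nuxt or the advisory). The combined log format, the route names, the handling of anything that follows the route name in the island name, and the sample lines are assumptions constructed for illustration:

```javascript
// Added example, not Nuxt code. Assumes combined-format access logs.
const ISLAND_PREFIX = '/__nuxt_island/';
const LINE_RE = /^(\S+) \S+ \S+ \[([^\]]+)\] "([A-Z]+) (\S+) [^"]*" (\d{3})/;

// Return the page-island request described by one log line, or null.
function parseIslandRequest(line) {
  const m = LINE_RE.exec(line);
  if (!m) return null;
  const [, ip, time, method, target, status] = m;
  let pathname;
  try {
    // Drop the query string and normalise percent-encoding before matching.
    pathname = decodeURIComponent(new URL(target, 'http://log.invalid').pathname);
  } catch {
    return null; // malformed request target
  }
  if (!pathname.startsWith(ISLAND_PREFIX + 'page_')) return null;
  return { ip, time, method, status: Number(status),
           name: pathname.slice(ISLAND_PREFIX.length) };
}

// Mark hits whose island name maps to a route the operator lists as
// middleware-protected. Assumption: anything after the route name (hash,
// extension) starts with a character that cannot appear in a route name.
function findPageIslandHits(lines, protectedRoutes) {
  const byLength = [...protectedRoutes].sort((a, b) => b.length - a.length);
  const hits = [];
  for (const line of lines) {
    const req = parseIslandRequest(line);
    if (!req) continue;
    const rest = req.name.slice('page_'.length);
    const route = byLength.find((r) =>
      rest === r || (rest.startsWith(r) && !/[A-Za-z0-9-]/.test(rest[r.length]))) || null;
    hits.push({ ...req, route, review: route !== null && req.status === 200 });
  }
  return hits;
}

// Constructed sample lines (documentation IP ranges, hypothetical route names).
const SAMPLE_LOG = [
  '203.0.113.7 - - [14/Jun/2026:10:02:11 +0000] "GET /__nuxt_island/page_admin_a1b2c3.json HTTP/1.1" 200 5120',
  '203.0.113.7 - - [14/Jun/2026:10:02:12 +0000] "GET /__nuxt_island/page_about_d4e5f6.json HTTP/1.1" 200 2048',
  '198.51.100.4 - - [14/Jun/2026:10:03:40 +0000] "GET /__nuxt_island/SiteFooter_99aa.json HTTP/1.1" 200 900',
  '198.51.100.4 - - [14/Jun/2026:10:04:02 +0000] "GET /__nuxt_island/page_admin-users_77bb.json?props=%7B%7D HTTP/1.1" 200 7300',
  '192.0.2.9 - - [14/Jun/2026:10:05:00 +0000] "GET /admin HTTP/1.1" 302 0',
];
const PROTECTED_ROUTES = ['admin', 'admin-users']; // hypothetical route names

for (const h of findPageIslandHits(SAMPLE_LOG, PROTECTED_ROUTES)) {
  console.log(h.review ? 'REVIEW' : 'info  ', h.time, h.ip, h.name, h.status);
}
```

A REVIEW line is a 200 response for an island whose page is on the operator's list of middleware-protected routes; on a deployment that ran an affected version, those are the requests to examine first.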

CVSS Details

Base Score: 6.3
Vector string: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: X

Threat Intelligence

EPSS Exploit Probability: 13.7% percentile
Exploit & Patch Status: Public Exploit Known, Patch Available

Weaknesses 2

CWE-284
CWE-288

Affected Products 4

Vendor  Product            Version  Range
nuxt    nuxt               *        ≥3.11.0  –  <3.21.6
nuxt    nuxt               *        ≥4.0.0  –  <4.4.6
nuxt    nuxt/nitro-server  *        ≥3.20.0  –  <3.21.6
nuxt    nuxt/nitro-server  *        ≥4.2.0  –  <4.4.6

References 2

  • github.com https://github.com/nuxt/nuxt/pull/35092
    Issue Tracking
  • github.com https://github.com/nuxt/nuxt/security/advisories/GHSA-hg3f-28rg-4jxj
    Exploit, Patch, Vendor Advisory

Remediation

  • github.com https://github.com/nuxt/nuxt/security/advisories/GHSA-hg3f-28rg-4jxj
    Exploit, Patch, Vendor Advisory