216.73.216.233

CVE-2026-53721

· Published 12/06/2026 17:16 · Modified 12/06/2026 16:01 · Author: The MITRE Corporation

Labels: CVE-2026-53721 2026-06-12CVE-2026-53721CWE-178[email protected]

Essential information

Published
12/06/2026 17:16
Modified
12/06/2026 16:01
Author
The MITRE Corporation
Creator
The MITRE Corporation
CVSS
8.2 HIGH (v3.1) 8.8 HIGH (v4.0)
CISA KEV
No
CWE
CWE-178
EPSS (First)
P6.5% ?EPSS percentile: rank of this vulnerability versus all others. Higher percentile = more likely to be exploited. Learn more (score 0.00022)
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

CVSS metrics

Description

Nuxt is an open-source web development framework for Vue.js. From versions 3.11.0 to before 3.21.7 and 4.0.0 to before 4.4.7, there is a route-rule middleware bypass via case-sensitivity mismatch between vue-router and the routeRules matcher. This issue has been patched in versions 3.21.7 and 4.4.7.

NVD status

Status
Undergoing Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
nuxt / nuxt cpe:2.3:a:nuxt:nuxt:3.11.0-3.21.6:*:*:*:*:*:*:*
nuxt / nuxt cpe:2.3:a:nuxt:nuxt:4.0.0-4.4.6:*:*:*:*:*:*:*

References