Improper input validation in Withastro Astro

CVE-2026-33769

Astro is a web framework. From version 2.10.10 to before version 5.18.1, this issue concerns Astro's remotePatterns path enforcement for remote URLs used by server-side fetchers such as the image optimization endpoint. The path matching lo…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.000 (11.1th percentile) — read the EPSS interpretation.