Resource exhaustion in Nuxt-modules Og-image

CVE-2026-34404

Nuxt OG Image generates OG Images with Vue templates in Nuxt. Prior to version 6.2.5, the image‑generation component by the URI: /_og/d/ (and, in older versions, /og-image/) contains a Denial of Service (DoS) vulnerability. The issue arise…

Vulnerability class: DoS (Denial of Service)

EPSS: 0.001 (19.0th percentile) — read the EPSS interpretation.

Affected products

Nuxt-modules Og-image — versions < 6.2.5

Weakness classification (CWE)

CWE-400 — Uncontrolled Resource Consumption

References

https://github.com/nuxt-modules/og-image/security/advisories/GHSA-c7xp-q6q8-hg76 (x_refsource_CONFIRM)