Nestjs Nest
5 CVEs affecting Nestjs Nest. Latest disclosed: 2026-04-21. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-40879 | High | 7.5 | 2026-04-21 | Nest is a framework for building scalable Node.js server-side applications. Prior to 11.1.19, when an attacker sends many small, valid JSON messages in one TCP… |
CVE-2026-35515 | | 2026-04-07 | Nest is a framework for building scalable Node.js server-side applications. Prior to 11.1.18, SseStream._transform() interpolates message.type and message.id d… | |
CVE-2026-33011 | | 2026-03-20 | Nest is a framework for building scalable Node.js server-side applications. In versions 11.1.15 and below, a NestJS application using @nestjs/platform-fastify… | |
CVE-2025-69211 | | 2025-12-29 | Nest is a framework for building scalable Node.js server-side applications. Versions prior to 11.1.11 have a Fastify URL encoding middleware bypass. A NestJS a… | |
CVE-2025-54782 | | 2025-08-01 | Nest is a framework for building scalable Node.js server-side applications. In versions 0.2.0 and below, a critical Remote Code Execution (RCE) vulnerability w… |