Nitrojs Nitropack
2 CVEs affecting Nitrojs Nitropack. Latest disclosed: 2026-05-13. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-44372 | Medium | 6.1 | 2026-05-13 | Nitro is a next generation server toolkit. Prior to 3.0.260429-beta, an attacker could turn a redirect route rule using wildcards rewrite into a cross-host red… |
CVE-2026-44373 | Medium | 5.3 | 2026-05-13 | Nitro is a next generation server toolkit. Prior to 3.0.260429-beta, an attacker could bypass a proxy route rule by sending percent-encoded path traversal (..%… |