CVE-2026-54300
Published 2026-06-22
Priority P4 · 29 · medium 5.3 (CVSS 3.1)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS 0.19% (8.5th percentile)
@astrojs/netlify is an adapter that allows Astro to deploy your hybrid or server rendered site to Netlify. Prior to 7.0.13, @astrojs/netlify converts Astro image.remotePatterns into Netlify Image CDN images.remote_images regular expressions with broader semantics than Astro's canonical matcher. A single wildcard hostname such as *.example.com is converted to an optional subdomain regex, so the apex host matches. A single wildcard pathname such as /ok/* is converted without end anchoring, so deeper paths match by prefix. This vulnerability is fixed in 7.0.13.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| astrojs | netlify | >= 0 < 7.0.13 | 7.0.13 |
| withastro | astro | < 7.0.13 | 7.0.13 |
VulDB
CVE-2026-54300 [MEDIUM] withastro up to 7.0.12 CDN Image server-side request forgery
vuldb · 2026-06-22 · CVSS 5.3
A vulnerability categorized as critical has been discovered in withastro astro up to 7.0.12. Affected by this issue is some unknown functionality of the component CDN Image Handler. Such manipulation leads to server-side request forgery.
This vulnerability is listed as CVE-2026-54300. The attack may be performed from remote. There is no available exploit.
It is advisable to upgrade the affected component.
GHSA
CVE-2026-54300 [MEDIUM] CWE-918 @astrojs/netlify broadens Astro image.remotePatterns in Netlify Image CDN config
ghsa · 2026-06-16
## Summary
`@astrojs/netlify` converts Astro `image.remotePatterns` into Netlify Image CDN `images.remote_images` regular expressions with broader semantics than Astro's canonical matcher. A single wildcard hostname such as `*.example.com` is converted to an optional subdomain regex, so the apex host matches. A single wildcard pathname such as `/ok/*` is converted without end anchoring, so deeper paths match by prefix.
## Technical details
The Netlify adapter generates regex strings for Netlify Image CDN from `image.remotePatterns`. For `*.example.com`, it emits `([a-z0-9-]+\\.)?example\\.com`, which makes the subdomain optional. Astro's canonical helper requires exactly one subdomain and rejects the apex
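The following is an added example, not code from `@astrojs/netlify` or Astro. It reconstructs the two over-broad translations the advisory describes (the optional subdomain group quoted above, and a pathname wildcard emitted without an end anchor) beside a canonical translation that requires exactly one subdomain label and anchors the end, then runs both against constructed URLs. The full-URL regex shape around the quoted hostname fragment, the single-segment meaning of `*` in a pathname, and the protocol and port handling are assumptions made for illustration; the function names `remoteImageRegex`, `allowed` and `compare` are hypothetical.

```javascript
// Added example (not the adapter's source). Reconstructs the broad and the
// canonical translation of an Astro remotePattern into a Netlify
// images.remote_images-style regex and compares what each lets through.
// Assumptions: "*" in a pathname is one path segment ([^/]+); the regex is
// matched against scheme://host[:port]/path; the hostname fragment shape
// follows the one quoted in the advisory.

function escapeRe(s) {
  return s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
}

// One DNS label, as in the hostname fragment quoted in the advisory.
const LABEL = "[a-z0-9-]+";

// Translate one remotePattern ({protocol?, hostname, port?, pathname?}).
// broad=true reproduces the pre-7.0.13 behaviour described: optional
// subdomain group and no end anchor. broad=false is the canonical form:
// exactly one subdomain label and a trailing $.
function remoteImageRegex(p, broad) {
  const proto = p.protocol ? escapeRe(p.protocol) : "https?";

  let host;
  if (p.hostname.startsWith("*.")) {
    const base = escapeRe(p.hostname.slice(2));
    host = broad ? `(${LABEL}\\.)?${base}` : `${LABEL}\\.${base}`;
  } else {
    host = escapeRe(p.hostname);
  }

  const port = p.port ? ":" + escapeRe(p.port) : "(:\\d+)?";

  let path;
  if (!p.pathname) {
    path = "/.*"; // no pathname restriction: any path under the host
  } else if (p.pathname.endsWith("/*")) {
    path = escapeRe(p.pathname.slice(0, -1)) + "[^/]+"; // one segment (assumption)
  } else {
    path = escapeRe(p.pathname);
  }

  return `^${proto}://${host}${port}${path}` + (broad ? "" : "$");
}

// Would the Image CDN accept this URL under the translated pattern?
function allowed(p, url, broad) {
  const u = new URL(url);
  const target = `${u.protocol}//${u.host}${u.pathname}`; // drop query/fragment
  return new RegExp(remoteImageRegex(p, broad), "i").test(target);
}

// Constructed inputs: the pattern from the advisory and candidate URLs.
const PATTERN = { protocol: "https", hostname: "*.example.com", pathname: "/ok/*" };
const SAMPLES = [
  "https://cdn.example.com/ok/a.png",   // intended: one subdomain, one segment
  "https://example.com/ok/a.png",       // apex host: broad allows, canonical denies
  "https://cdn.example.com/ok/a/b.png", // deeper path: broad allows, canonical denies
  "https://cdn.example.com/nope/a.png", // wrong prefix: both deny
  "http://cdn.example.com/ok/a.png",    // wrong scheme: both deny
];

// Returns { url: [broadResult, canonicalResult] } for every sample.
function compare(pattern = PATTERN, samples = SAMPLES) {
  const out = {};
  for (const url of samples) {
    out[url] = [allowed(pattern, url, true), allowed(pattern, url, false)];
  }
  return out;
}

for (const [url, [b, c]] of Object.entries(compare())) {
  console.log(`${b ? "broad:ALLOW" : "broad:deny "}  ${c ? "canon:ALLOW" : "canon:deny "}  ${url}`);
}
```

The two rows where the columns disagree are the advisory's point: under the broad translation the Image CDN will fetch from the apex host and from arbitrarily deep paths under `/ok/`, even though the site's own `image.remotePatterns` would reject both. After upgrading to 7.0.13, diffing the `images.remote_images` regexes the adapter writes against what this canonical form produces is a quick way to confirm the generated config no longer contains the optional group or the missing anchor.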
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published 2026-06-22