cvebase

Nestjs Nest vulnerabilities

9 known vulnerabilities affecting nestjs/nest.

Total CVEs: 9
CISA KEV: 0
Public exploits: 1
Exploited in wild: 1
Severity breakdown: CRITICAL 1, HIGH 5, MEDIUM 3

Vulnerabilities

CVE-2025-54782 | P1 | HIGH | CVSS 8.8 | Exploited | PoC | fixed in 0.2.1 | 2025-08-02
CVE-2025-54782 [HIGH] CWE-77: Nest is a framework for building scalable Node.js server-side applications. In versions 0.2.0 and below, a critical Remote Code Execution (RCE) vulnerability was discovered in the @nestjs/devtools-integration package. When enabled, the package exposes a local development HTTP server with an API endpoint that uses an unsafe JavaScript sandbox (safe-eval
Source: NVD

CVE-2026-54281 | P2 | HIGH | CVSS 8.7 | fixed in 11.1.24 | 2026-06-22
CVE-2026-54281 [HIGH] CWE-863: Nest is a framework for building scalable Node.js server-side applications. Prior to 11.1.24, an authentication bypass vulnerability exists in @nestjs/platform-fastify. When middleware is registered through NestJS's MiddlewareConsumer.forRoutes() API on the Fastify adapter, an unauthenticated client can bypass the Nest middleware registered for that r
Source: NVD

CVE-2026-2293 | P2 | CRITICAL | CVSS 9.8 | v11.1.13 | 2026-02-27
CVE-2026-2293 [CRITICAL] CWE-863: A NestJS application using @nestjs/platform-fastify can allow bypass of authentication/authorization middleware when Fastify path-normalization options are enabled. This issue affects nest.Js: 11.1.13.
Source: NVD

CVE-2025-69211 | P3 | HIGH | CVSS 7.4 | fixed in 11.1.11 | 2025-12-29
CVE-2025-69211 [HIGH] CWE-367: Nest is a framework for building scalable Node.js server-side applications. Versions prior to 11.1.11 have a Fastify URL encoding middleware bypass. A NestJS application is vulnerable if it uses `@nestjs/platform-fastify`; relies on `NestMiddleware` (via `MiddlewareConsumer`) for security checks (authentication, authorization, etc.), or through `app.u
Source: NVD

CVE-2026-33011 | P3 | HIGH | CVSS 7.5 | fixed in 11.1.16 | 2026-03-20
CVE-2026-33011 [HIGH] CWE-670: Nest is a framework for building scalable Node.js server-side applications. In versions 11.1.15 and below, a NestJS application using @nestjs/platform-fastify GET middleware can be bypassed because Fastify automatically redirects HEAD requests to the corresponding GET handlers (if they exist). As a result: middleware will be completely skipped, the HTT
Source: NVD

CVE-2026-40879 | P3 | HIGH | CVSS 7.5 | fixed in 11.1.19 | 2026-04-21
CVE-2026-40879 [HIGH] CWE-674: Nest is a framework for building scalable Node.js server-side applications. Prior to 11.1.19, when an attacker sends many small, valid JSON messages in one TCP frame, handleData() recurses once per message; the buffer shrinks each call. maxBufferSize is never reached; call stack overflows instead. A ~47 KB payload is sufficient to trigger RangeError.
Source: NVD

CVE-2024-29409 | P4 | MEDIUM | CVSS 5.5 | v10.3.2 | 2025-03-14
CVE-2024-29409 [MEDIUM] CWE-94: File Upload vulnerability in nestjs nest v.10.3.2 allows a remote attacker to execute arbitrary code via the Content-Type header.
Source: NVD

CVE-2026-35515 | P4 | MEDIUM | CVSS 6.1 | fixed in 11.1.18 | 2026-04-07
CVE-2026-35515 [MEDIUM] CWE-74: Nest is a framework for building scalable Node.js server-side applications. Prior to 11.1.18, SseStream._transform() interpolates message.type and message.id directly into Server-Sent Events text protocol output without sanitizing newline characters (\r, \n). Since the SSE protocol treats both \r and \n as field delimiters and \n\n as event boundarie
Source: NVD

CVE-2023-26108 | P4 | MEDIUM | CVSS 5.3 | fixed in 9.0.5 | 2023-03-06
CVE-2023-26108 [MEDIUM] CWE-200: Versions of the package @nestjs/core before 9.0.5 are vulnerable to Information Exposure via the StreamableFile pipe. Exploiting this vulnerability is possible when the client cancels a request while it is streaming a StreamableFile, the stream wrapped by the StreamableFile will be kept open.
Source: NVD