CVE-2026-47200

CVE Database · CVE-2026-47200

CVE-2026-47200

· MEDIUMAnalyzed

CVSS v3.1

5.3

CVSS v4.0

6.3

EPSS

0.35%

Published

Jun 12, 2026

Modified

Jun 15, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Nuxt is an open-source web development framework for Vue.js. In Nuxt versions 3.11.0 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6 and @nuxt/nitro-server versions 3.20.0 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6, when experimental.componentIslands is enabled (default in Nuxt 4), any .server.vue file under pages/ is automatically registered as a server island under the key page_<routeName> and exposed via the /__nuxt_island/:name endpoint. Until this fix, requests through that endpoint rendered the page component directly via the SSR renderer without instantiating Vue Router, which meant route middleware declared on the page (including definePageMeta({ middleware })) did not run. This issue has been patched in versions 3.21.6 and 4.4.6.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Weaknesses (CWE)

CWE-284CWE-288

Affected Products (4)

nuxt · nuxt (up to 3.21.6)vulnerable

nuxt · nuxt (up to 4.4.6)vulnerable

nuxt · nuxt\/nitro-server (up to 3.21.6)vulnerable

nuxt · nuxt\/nitro-server (up to 4.4.6)vulnerable

References (3)

https://github.com/nuxt/nuxt/pull/35092

Issue Tracking

https://github.com/nuxt/nuxt/security/advisories/GHSA-hg3f-28rg-4jxj

ExploitPatchVendor Advisory

https://github.com/nuxt/nuxt/security/advisories/GHSA-hg3f-28rg-4jxj

ExploitPatchVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs