Astro is a modern site builder with web best practices, performance, and DX front-of-mind.
85%
Total Score
100
20
91
100
100
| Title | Versions | Severity |
|---|---|---|
CVE-2026-54298 astro is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in versions 0.0.0 - 6.4.6. | 0.0.0 - 6.4.6 | Medium |
CVE-2026-54299 astro is vulnerable to Improper Input Validation in versions 0.0.0 - 6.4.6. | 0.0.0 - 6.4.6 | High |
AIKIDO-2026-10849 astro is vulnerable to Cross-site Scripting (XSS) in versions 3.0.0 - 6.3.2. | 3.0.0 - 6.3.2 | Medium |
CVE-2026-45028 astro is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in versions 0.0.0 - 6.1.10. | 0.0.0 - 6.1.10 | Medium |
CVE-2026-41067 astro is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in versions 0.0.0 - 6.1.6. | 0.0.0 - 6.1.6 | Medium |
| Dependency | Last Release | Score |
|---|---|---|
zod Version ^4.3.6 | — | — |
clsx Version ^2.1.1 | — | — |
diff Version ^8.0.3 | — | — |
dset Version ^3.1.4 | — | — |
obug Version ^2.1.1 | — | — |
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant