Nuxt is a free and open-source framework with an intuitive and extendable way to create type-safe, performant and production-grade full-stack web applications and websites with Vue.js.
92%
Total Score
62
100
100
100
100
| Title | Versions | Severity |
|---|---|---|
CVE-2026-53722 nuxt is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in versions 4.0.0 - 4.4.7 and 0.0.0 - 3.21.7. | 0.0.0 - 3.21.74.0.0 - 4.4.7 | Medium |
CVE-2026-53721 nuxt is vulnerable to Improper Handling of Case Sensitivity in versions 4.0.0 - 4.4.7 and 3.11.0 - 3.21.7. | 3.11.0 - 3.21.74.0.0 - 4.4.7 | High |
CVE-2026-56326 nuxt is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in versions 4.0.0 - 4.4.7 and 0.0.0 - 3.21.7. | 0.0.0 - 3.21.74.0.0 - 4.4.7 | Medium |
AIKIDO-2026-10948 nuxt is vulnerable to Authentication Bypass in versions 3.11.0 - 3.21.5 and 4.0.0 - 4.4.5. | 3.11.0 - 3.21.54.0.0 - 4.4.5 | Medium |
CVE-2026-46342 nuxt is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in versions 3.1.0 - 3.21.5 and 4.0.0-alpha.1 - 4.4.5. | 3.1.0 - 3.21.54.0.0-alpha.1 - 4.4.5 | Medium |
| Dependency | Last Release | Score |
|---|---|---|
ufo Version ^1.6.4 | — | — |
vue Version ^3.5.35 | — | — |
defu Version ^6.1.7 | — | — |
errx Version ^0.1.0 | — | — |
jiti Version ^2.7.0 | — | — |
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant