MEDIUM🇵🇱 Wersja polska

CVE-2026-35515

CVSS 6.3v4.0pub. 2026-04-07upd. 2026-04-17

Nest is a framework for building scalable Node.js server-side applications. Prior to 11.1.18, SseStream._transform() interpolates message.type and message.id directly into Server-Sent Events text protocol output without sanitizing newline characters (\r, \n). Since the SSE protocol treats both \r and \n as field delimiters and \n\n as event boundaries, an attacker who can influence these fields through upstream data sources can inject arbitrary SSE events, spoof event types, and corrupt reconnection state. This vulnerability is fixed in 11.1.18.

CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Nestjs Nest

    APP
    Nestjs
    < 11.1.18
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-40879HIGH7.5ten sam produkt

Nest is a framework for building scalable Node.js server-side applications. Prior to 11.1.19, when an attacker...

CVE-2026-33011HIGH8.7ten sam produkt

Nest is a framework for building scalable Node.js server-side applications. In versions 11.1.15 and below, a N...

CVE-2026-2293HIGH8.2ten sam produkt

A NestJS application using @nestjs/platform-fastify can allow bypass of authentication/authorization middlewar...

CVE-2025-69211MEDIUM6.9ten sam produkt

Nest is a framework for building scalable Node.js server-side applications. Versions prior to 11.1.11 have a F...

CVE-2024-29409MEDIUM5.5ten sam produkt

File Upload vulnerability in nestjs nest v.10.3.2 allows a remote attacker to execute arbitrary code via the C...