All 2 CVE vulnerabilities found in @fastify/express, with AI-generated Chinese analysis, references, and POCs.
Vendor: fastify
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-33807 | @fastify/express vulnerable to middleware path doubling causing authentication bypass in child plugin scopes CWE-436 | 9.1 | Critical | 2026-04-15 |
| CVE-2026-33808 | @fastify/express vulnerable to middleware authentication bypass via URL normalization gaps (duplicate slashes and semicolons) CWE-436 | 9.1 | - | 2026-04-15 |
All 2 known CVE vulnerabilities affecting @fastify/express with full Chinese analysis, references, and POCs where available.