All 5 CVE vulnerabilities found in koa, with AI-generated Chinese analysis, references, and POCs.
Vendor: koajs
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-27959 | Koa has Host Header Injection via `ctx.hostname` CWE-20 | 7.5 | High | 2026-02-26 |
| CVE-2025-62595 | Koa Vulnerable to Open Redirect via Trailing Double-Slash (//) in back Redirect Logic CWE-601 | 4.3 | Medium | 2025-10-21 |
| CVE-2025-8129 | KoaJS Koa HTTP Header response.js back redirect CWE-601 | 3.5 | Low | 2025-07-25 |
| CVE-2025-32379 | XSS at ctx.redirect() function in Koajs CWE-79 | 5.0 | Medium | 2025-04-09 |
| CVE-2025-25200 | Koa has Inefficient Regular Expression Complexity CWE-1333 | 7.5 | - | 2025-02-12 |
All 5 known CVE vulnerabilities affecting koa with full Chinese analysis, references, and POCs where available.