Browse all 6 CVE security advisories affecting koajs. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-27959 | Koa has Host Header Injection via `ctx.hostname` — koaCWE-20 | 7.5 | High | 2026-02-26 |
| CVE-2025-62595 | Koa Vulnerable to Open Redirect via Trailing Double-Slash (//) in back Redirect Logic — koaCWE-601 | 4.3 | Medium | 2025-10-21 |
| CVE-2025-8129 | KoaJS Koa HTTP Header response.js back redirect — KoaCWE-601 | 3.5 | Low | 2025-07-25 |
| CVE-2025-32379 | XSS at ctx.redirect() function in Koajs — koaCWE-79 | 5.0 | Medium | 2025-04-09 |
| CVE-2025-25200 | Koa has Inefficient Regular Expression Complexity — koaCWE-1333 | 7.5 | - | 2025-02-12 |
| CVE-2023-49803 | @koa/cors has overly permissive origin policy — corsCWE-346 | 8.6 | High | 2023-12-11 |
This page lists every published CVE security advisory associated with koajs. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.