Vuln
·
Scope
Home
Packages
KEV
Critical
Insights
Jobs
Pricing
EN
中
Loading…
npm/@fastify/express — 3 CVEs · VulnScope
pkg:npm/
@fastify/express
3 total CVEs
CRITICAL
2
HIGH
1
✅ Check your installed version
Check
All known vulnerabilities
CRITICAL
9.1
CVE-2026-33808
@fastify/express has a middleware authentication bypass via URL normalization gaps (duplicate slashes and semicolons)
from 0, < 4.0.5
CRITICAL
9.1
CVE-2026-33807
@fastify/express's middleware path doubling causes authentication bypass in child plugin scopes
from 0, < 4.0.5
HIGH
8.4
CVE-2026-22037
@fastify/express vulnerable to Improper Handling of URL Encoding (Hex Encoding)
from 0, < 4.0.3