CVE-2026-25651

MEDIUM

NPM Client-certificate-auth < 1.0.0 - Open Redirect

Title source: rule

Description

client-certificate-auth is middleware for Node.js implementing client SSL certificate authentication/authorization. Versions 0.2.1 and 0.3.0 of client-certificate-auth contain an open redirect vulnerability. The middleware unconditionally redirects HTTP requests to HTTPS using the unvalidated Host header, allowing an attacker to redirect users to arbitrary domains. This vulnerability is fixed in 1.0.0.

References (2)

[Vendor Advisory] https://github.com/tgies/client-certificate-auth/security/advisories/GHSA-m4w9-gch5-c2g4

[Release Notes] https://github.com/tgies/client-certificate-auth/releases/tag/v1.0.0

Scores

CVSS v3 6.1

EPSS 0.0002

EPSS Percentile 4.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-601

Status published

Products (2)

npm/client-certificate-auth 0.2.1 - 1.0.0npm

tgies/client-certificate-auth 0.2.1 - 1.0.0

Published Feb 06, 2026

Tracked Since Feb 18, 2026