CVE-2026-44372
MEDIUMNitro: Open Redirect via Protocol-Relative URL Bypass in Wildcard Route Rules
Title source: cnaDescription
Nitro is a next generation server toolkit. Prior to 3.0.260429-beta, an attacker could turn a redirect route rule using wildcards rewrite into a cross-host redirect by sliding an extra slash in after the rule prefix. This vulnerability is fixed in 3.0.260429-beta.
References (4)
Core 4
Core References
X_Refsource_Confirm x_refsource_confirm
https://github.com/nitrojs/nitro/security/advisories/GHSA-9phm-9p8f-hw5m
X_Refsource_Misc x_refsource_misc
https://github.com/nitrojs/nitro/pull/4236
X_Refsource_Misc x_refsource_misc
https://github.com/nitrojs/nitro/releases/tag/v2.13.4
X_Refsource_Misc x_refsource_misc
https://github.com/nitrojs/nitro/releases/tag/v3.0.260429-beta
Scores
CVSS v3
6.1
EPSS
0.0024
EPSS Percentile
14.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-601
Status
published
Products (5)
nitro/nitro
< 2.13.4
nitrojs/nitro
< 3.0.260429-beta
nitrojs/nitropack
< 2.13.4
npm/nitro
0 - 3.0.260429-betanpm
npm/nitropack
0 - 2.13.4npm
Published
May 13, 2026
Tracked Since
May 14, 2026