Exposure of Sensitive System Information to an Unauthorized Control Sphere Affecting nuxt package, versions >=4.0.0-alpha.1 <4.4.7
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-JS-NUXT-17353906
- published17 Jun 2026
- disclosed15 Jun 2026
- creditmanop55555
Introduced: 15 Jun 2026
New CVE NOT AVAILABLE CWE-497 (opens in a new tab)How to fix?
Upgrade nuxt to version 4.4.7 or higher.
Overview
Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the unauthenticated /.well-known/appspecific/com.chrome.devtools.json endpoint, which exposes the absolute filesystem path of the project and a persistent workspace UUID. An attacker can obtain sensitive information about the development environment by sending direct HTTP requests to the exposed endpoint when the development server is running and accessible on a non-loopback interface or through DNS rebinding attacks.
Note: This is only exploitable if the development server is started with host binding to a non-loopback interface or if DNS rebinding is possible.
Workaround
This vulnerability can be mitigated by setting experimental: { chromeDevtoolsProjectSettings: false } in the configuration.