Browse all 5 CVE security advisories affecting adonisjs. AI-powered Chinese analysis, POCs, and references for each vulnerability.
AdonisJS is a Node.js web framework primarily used for building scalable server-side applications and APIs. Historically, it has faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from misconfigurations or input validation flaws. The framework's security features like built-in CSRF protection and encryption help mitigate risks, though developers must remain vigilant about proper implementation. While no major public security incidents have been widely reported, the five documented CVEs highlight areas where careful configuration and regular updates are essential to maintain secure deployments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-40255 | @adonisjs/http-server has an Open Redirect vulnerability — http-serverCWE-601 | 6.1 | Medium | 2026-04-16 |
This page lists every published CVE security advisory associated with adonisjs. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.