Browse all 9 CVE security advisories affecting nearform. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Nearform specializes in developing high-performance software solutions, with a focus on Node.js and enterprise applications. Historically, their products have been associated with vulnerabilities like remote code execution, cross-site scripting, and privilege escalation, often stemming from input validation flaws and insecure dependencies. While no major security incidents have been publicly documented, the 8 CVEs on record highlight recurring issues in component security and access controls. Their codebase typically emphasizes performance but has shown susceptibility to common web vulnerabilities, particularly in server-side request forgery and insecure deserialization. Security researchers note that while Nearform addresses reported flaws promptly, their complex architecture occasionally introduces exploitable misconfigurations in production environments.
CVE-2025-359412026-04-10GHSA-cjw9-ghj4-fwxf2026-04-10GHSA-v5p6-9g74-4w6m2026-04-08CVE-2026-350392026-04-07Showing up to 20 recent security advisories. View all →
This page lists every published CVE security advisory associated with nearform. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.