Astro has Full-Read SSRF in error rendering via Host: header injection
- Severity:
- Medium
Description
Server-Side Rendered pages that return an error with a prerendered custom error page (eg. 404.astro or 500.astro) are vulnerable to SSRF. If the Host: header is changed to an attacker’s server, it will be fetched on /500.html and they can redirect this to any internal URL to read the response body through the first request.
Recommendation
Update the @astrojs/node package to the latest compatible version. Followings are version details:
- Affected version(s): < 9.5.4
- Patched version(s): 9.5.4
References
Related Issues
- SCEditor has DOM XSS via emoticon URL/HTML injection - CVE-2026-25581
- enclave-vm Vulnerable to Sandbox Escape via Host Error Prototype Chain - CVE-2026-22686
- jsPDF has a PDF Object Injection via Unsanitized Input in addJS Method - CVE-2026-25755
- Systeminformation has a Command Injection via unsanitized interface parameter in wifi.js retry path - CVE-2026-26280
- Tags:
- npm
- @astrojs/node
Anything's wrong? Let us know Last updated on February 25, 2026