Astro: Unauthenticated Path Override via `x-astro-path` / `x_astro_path`
- Severity:
- Medium
Description
The @astrojs/vercel serverless entrypoint reads the x-astro-path header and x_astro_path query parameter to rewrite the internal request path, with no authentication whatsoever. On deployments without Edge Middleware, this lets anyone bypass Vercel’s platform-level path restrictions entirely.
Recommendation
Update the @astrojs/vercel package to the latest compatible version. Followings are version details:
- Affected version(s): < 10.0.2
- Patched version(s): 10.0.2
References
Related Issues
- Astro has Full-Read SSRF in error rendering via Host: header injection - CVE-2026-25545
- @siteboon/claude-code-ui Vulnerable to Unauthenticated RCE via WebSocket Shell Injection - CVE-2026-31975
- SQL Injection via unsanitized JSON path keys when ignoring/silencing compilation errors or using `Kysely<any>`. - CVE-2026-32763
- Systeminformation has a Command Injection via unsanitized interface parameter in wifi.js retry path - CVE-2026-26280
- Tags:
- npm
- @astrojs/vercel
Anything's wrong? Let us know Last updated on March 26, 2026