cvedb.io
CVE-2026-34405
MEDIUM · CVSS 6.1
EPSS exploitation probability: 0%
Published 2026-03-31T22:16:18.813 · Last modified 2026-06-17T10:39:01.310

Summary

Nuxt OG Image generates OG Images with Vue templates in Nuxt. Prior to version 6.2.5, the image‑generation component by the URI: /_og/d/ (and, in older versions, /og-image/) contains a vulnerability that allows injection of arbitrary attributes into the HTML page body. This issue has been patched in version 6.2.5.

Affected products

nuxt — og_image

Does this affect you?

Add your gear to cvedb and we'll alert you only when nuxt ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.