{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-24T08:13:30.503","vulnerabilities":[{"cve":{"id":"CVE-2026-25155","sourceIdentifier":"security-advisories@github.com","published":"2026-02-03T22:16:30.987","lastModified":"2026-02-10T20:07:58.410","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Qwik is a performance focused javascript framework. Prior to version 1.12.0, a typo in the regular expression within isContentType causes incorrect parsing of certain Content-Type headers. This issue has been patched in version 1.12.0."},{"lang":"es","value":"Qwik es un framework de JavaScript centrado en el rendimiento. Antes de la versión 1.12.0, un error tipográfico en la expresión regular dentro de isContentType provoca un análisis incorrecto de ciertos encabezados Content-Type. Este problema ha sido parcheado en la versión 1.12.0."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":4.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":4.2}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:qwik:qwik:*:*:*:*:*:node.js:*:*","versionEndExcluding":"1.12.0","matchCriteriaId":"06AADB22-29A3-45E2-BB6A-2F770D4AEBC7"}]}]}],"references":[{"url":"https://github.com/QwikDev/qwik/commit/d70d7099b90b998f1aac7cedc21c67d87bac4c75","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/QwikDev/qwik/security/advisories/GHSA-vm6g-8r4h-22x8","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}