CVE-2026-44589 | nuxt-modules og-image up to 6.4.8 isBlockedUrl server-side request forgery (GHSA-c2rm-g55x-8hr5)

A vulnerability marked as critical has been reported in nuxt-modules og-image up to 6.4.8. This issue affects the function isBlockedUrl. The manipulation leads to server-side request forgery.

This vulnerability is listed as CVE-2026-44589. The attack may be initiated remotely. There is no available exploit.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More