HIGH
fast-uri
CVE published 2026-05-04
CVE-2026-6321
A high-severity vulnerability was found in fast-uri, a JavaScript library used for URI parsing. The vulnerability, tracked as CVE-2026-6321, has a CVSS score of 7.5 and is classified as HIGH. The issue arises from the library's handling of percent-encoded path separators and dot segments in its normalize() and equal() functions. This flaw allows attackers to bypass path-based security policies by manipula [truncated]