
Description

client-certificate-auth is middleware for Node.js implementing client SSL certificate authentication/authorization. Versions 0.2.1 and 0.3.0 of client-certificate-auth contain an open redirect vulnerability. The middleware unconditionally redirects HTTP requests to HTTPS using the unvalidated Host header, allowing an attacker to redirect users to arbitrary domains. This vulnerability is fixed in 1.0.0.
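A minimal illustration of the bug class described above, added here as an example and not code from the client-certificate-auth project; the function names, hostnames and sample requests are assumptions:

```javascript
// Added illustration of the CWE-601 pattern in this advisory; NOT the
// client-certificate-auth project's own code. Requests are plain
// { headers, url } objects shaped like Node's http.IncomingMessage.

// Vulnerable pattern: the redirect target is built from the Host header,
// which the client controls. A request carrying "Host: attacker.example"
// is therefore redirected off-site.
function insecureHttpsRedirect(req) {
  return `https://${req.headers.host}${req.url}`;
}

// Hardened pattern: the Host header only selects among hostnames the
// operator configured; anything else falls back to the canonical host,
// so the Location header can never point outside our own domains.
function secureHttpsRedirect(req, allowedHosts, canonicalHost) {
  const rawHost = String(req.headers.host || '').toLowerCase();
  // Compare the hostname only; an explicit port is dropped.
  const hostname = rawHost.replace(/:\d+$/, '');
  const target = allowedHosts.includes(hostname) ? hostname : canonicalHost;
  // Only accept an origin-form path ("/..."); anything else (e.g. an
  // absolute-form request target) is replaced with the site root.
  let path = typeof req.url === 'string' ? req.url : '/';
  if (!path.startsWith('/')) path = '/';
  return `https://${target}${path}`;
}

// Constructed sample requests (not captured traffic).
const ALLOWED_HOSTS = ['app.example.com', 'www.example.com'];
const CANONICAL_HOST = 'app.example.com';
const legitRequest = { headers: { host: 'app.example.com' }, url: '/login?next=1' };
const spoofedRequest = { headers: { host: 'attacker.example' }, url: '/login' };

console.log('insecure, spoofed Host ->', insecureHttpsRedirect(spoofedRequest));
console.log('hardened, spoofed Host ->',
  secureHttpsRedirect(spoofedRequest, ALLOWED_HOSTS, CANONICAL_HOST));
console.log('hardened, legit Host   ->',
  secureHttpsRedirect(legitRequest, ALLOWED_HOSTS, CANONICAL_HOST));
```

The same allowlist check belongs in any HTTP-to-HTTPS redirect, reverse-proxy rewrite or canonical-URL helper that reads Host, not only in this middleware.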

PUBLISHED Reserved 2026-02-04 | Published 2026-02-06 | Updated 2026-02-09 | Assigner GitHub_M

MEDIUM: 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Problem types

CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

Product status

>= 0.2.1, < 1.0.0: affected

References

github.com/...e-auth/security/advisories/GHSA-m4w9-gch5-c2g4

github.com/tgies/client-certificate-auth/releases/tag/v1.0.0

cve.org (CVE-2026-25651)

nvd.nist.gov (CVE-2026-25651)
