CVE-2026-33768
Published: 24 March 2026
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2026-33768 is a vulnerability in the Astro web framework, specifically the @astrojs/vercel serverless entrypoint prior to version 10.0.2. The flaw stems from the entrypoint reading the x-astro-path header or x_astro_path query parameter to rewrite the internal request path without any authentication. On deployments without Edge Middleware, this allows complete bypass of Vercel's platform-level path restrictions. The issue is rated 6.5 on the CVSS 3.1 scale (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) and maps to CWE-441 (Unintended Proxy or Intermediary) and CWE-862 (Missing Authorization).
Any attacker with network access to the deployment can exploit this vulnerability without privileges or user interaction. By sending a request to a permitted path that carries the overriding header or query parameter, they can redirect it to a restricted path while the original HTTP method and body are preserved. For instance, a POST to /api/health?x_astro_path=/admin/delete-user executes as a POST to /admin/delete-user, evading firewall rules that block /admin/* paths. The bypass works with any HTTP method, including GET, POST, PUT, and DELETE.
The vulnerability has been patched in @astrojs/vercel version 10.0.2. Mitigation involves updating to this version or later. Details are provided in the Astro security advisory (GHSA-mr6q-rp88-fx84), pull request #15959, commit 335a204161f5a7293c128db570901d4f8639c6ed, and release notes for @astrojs/vercel@10.0.2.
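The following is an added example, not code from the advisory or the Astro project: a small scanner that flags request records carrying the override header or query parameter described above, so that existing access logs can be checked for attempts against deployments that have not yet been upgraded. The record field names, the restricted-prefix list and the sample requests are assumptions constructed for the example.

```javascript
// Added example (not from the advisory or the Astro project): flag requests that carry
// the x-astro-path header or x_astro_path query parameter described in CVE-2026-33768.
// Request records are constructed to resemble access-log entries; field names are assumptions.
const RESTRICTED_PREFIXES = ["/admin/"]; // assumed policy: the paths the platform rules block

// Returns the override target a request carries, or null if it carries none.
// Precedence between header and query is not stated in the advisory; header is checked first (assumption).
function pathOverride(record) {
  const url = new URL(record.url, "http://localhost"); // base is only needed to parse a relative URL
  const headerValue = Object.entries(record.headers || {})
    .find(([name]) => name.toLowerCase() === "x-astro-path")?.[1];
  const queryValue = url.searchParams.get("x_astro_path");
  const target = headerValue ?? queryValue;
  if (!target) return null;
  return {
    source: headerValue !== undefined ? "header" : "query",
    requested: url.pathname,
    target,
  };
}

// Scans request records and reports every override whose effective target differs
// from the path the platform-level rules actually evaluated.
function scanRequests(records) {
  const findings = [];
  for (const record of records) {
    const override = pathOverride(record);
    if (!override || override.target === override.requested) continue;
    findings.push({
      method: record.method,
      ...override,
      restricted: RESTRICTED_PREFIXES.some((prefix) => override.target.startsWith(prefix)),
    });
  }
  return findings;
}

// Constructed sample traffic: a benign request, the advisory's example, a header variant,
// and an override that names the same path (not a bypass, so it is not reported).
const SAMPLE_REQUESTS = [
  { method: "GET", url: "/api/health", headers: {} },
  { method: "POST", url: "/api/health?x_astro_path=/admin/delete-user", headers: {} },
  { method: "DELETE", url: "/blog/post-1", headers: { "X-Astro-Path": "/admin/users/7" } },
  { method: "GET", url: "/docs?x_astro_path=/docs", headers: {} },
];

console.log(JSON.stringify(scanRequests(SAMPLE_REQUESTS), null, 2));
```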
Details
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability enables unauthenticated network attackers to bypass platform-level path restrictions in a public-facing Astro web application deployed on Vercel by rewriting request paths via headers or query parameters, directly facilitating T1190: Exploit Public-Facing Application.