Security Advisories · fastify/middie · GitHub

Security Advisories

View known security vulnerabilities and report new vulnerabilities privately to maintainers.

Report a vulnerability

@fastify/middie vulnerable to middleware bypass via deprecated ignoreDuplicateSlashes option
GHSA-v9ww-2j6r-98q6 published Apr 16, 2026 by climba03003

High
@fastify/middie vulnerable to middleware authentication bypass in child plugin scopes
GHSA-72c6-fx6q-fr5w published Apr 16, 2026 by climba03003

Critical
Improper path normalization
GHSA-8p85-9qpw-fwgw published Feb 27, 2026 by mcollina

High
Fastify Middie Middleware Path Bypass
GHSA-cxrg-g7r8-w69p published Jan 19, 2026 by Eomm

High

⚡