CVE-2026-25545
Published: 24 February 2026
Summary
CVE-2026-25545 is a medium-severity SSRF (CWE-918) vulnerability in Astro @astrojs/node. Its CVSS base score is 6.9 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 24.8% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
The strongest mitigations our analysis identified are NIST 800-53 SC-7 (Boundary Protection) and SI-10 (Information Input Validation).
Deeper analysis
Astro, a web framework for building sites, is affected by a server-side request forgery vulnerability in versions prior to 9.5.4. The flaw occurs in server-side rendered pages that use prerendered custom error pages such as 404.astro or 500.astro. When the Host header is supplied by an untrusted source, the framework fetches content from that header value while serving the error page, allowing an attacker to supply a redirect that reaches internal URLs and returns their response bodies to the original request.
An attacker who can reach the Astro application directly, for example by discovering its origin IP behind a proxy or when no Host validation is present, can exploit the issue by pointing the Host header at a server they control. That server issues a redirect to any internal IP address or localhost service, enabling the attacker to retrieve cloud-instance metadata, interact with internal network endpoints, or read responses that would otherwise be inaccessible. The attack requires no authentication and succeeds when the common custom-error-page feature is enabled.
The vulnerability is resolved in Astro 9.5.4. The project advisory and accompanying commit in the withastro/astro repository describe the SSRF vector and confirm that the patched release prevents the Host header from being used to fetch attacker-controlled redirects during error-page rendering. The associated EPSS scores remain low, with a current value of 0.0514 and a peak of 0.0611.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-7455
Vulnerability details
Astro is a web framework. Prior to version 9.5.4, Server-Side Rendered pages that return an error with a prerendered custom error page (e.g. `404.astro` or `500.astro`) are vulnerable to SSRF. If the `Host:` header is changed to an attacker's server, it will be fetched on `/500.html` and they can redirect this to any internal URL to read the response body through the first request. An attacker who can access the application without `Host:` header validation (e.g. through finding the origin IP behind a proxy, or just by default) can fetch their own server to redirect to any internal IP. With this they can fetch cloud metadata IPs and interact with services in the internal network or localhost. For this to be vulnerable, a common feature needs to be used, with direct access to the server (no proxies). Version 9.5.4 fixes the issue.
- CWE(s): CWE-918 (Server-Side Request Forgery)
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
SSRF in a public-facing Astro SSR application enables T1190, exploitation of the web application through Host header manipulation. It also directly facilitates T1522 by allowing redirects to, and response retrieval from, cloud metadata endpoints.
Mitigating Controls (NIST 800-53 r5)
- Patching: timely remediation through patching to Astro version 9.5.4 directly eliminates the SSRF flaw in error-page rendering triggered by Host header manipulation.
- SC-7 (Boundary Protection): boundary protection via reverse proxies or WAFs enforces Host header validation and prevents the direct origin-server access required for exploitation.
- SI-10 (Information Input Validation): input validation of the Host header prevents manipulation that causes the server to fetch attacker-controlled endpoints during error-page rendering.
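As an added example (not code from the advisory or the Astro project), the following is a Host-header allowlist check of the kind SI-10 calls for, written for a Node front-end such as the @astrojs/node standalone server; the allowlist contents and the `hostGuard` wrapper are assumptions for illustration.

```javascript
// Added example: reject any request whose Host header is not on an explicit
// allowlist, before application code can build a fetch URL from it.
// The allowlist below is a constructed sample, not a value from the advisory.
const ALLOWED_HOSTS = new Set(["example.com", "www.example.com"]);

// Normalise a raw Host header value to a bare lowercase hostname.
// Returns null when the header is missing or not a plausible host value.
function normalizeHost(raw) {
  if (typeof raw !== "string") return null;
  const value = raw.trim();
  // Paths, userinfo, query strings and whitespace never belong in Host.
  if (value === "" || /[\s\/\\@?#]/.test(value)) return null;
  let host;
  if (value.startsWith("[")) {
    // IPv6 literal such as [::1]:3000: keep the bracketed address, drop the port.
    const end = value.indexOf("]");
    if (end === -1 || !/^(:\d{1,5})?$/.test(value.slice(end + 1))) return null;
    host = value.slice(0, end + 1);
  } else {
    // hostname or hostname:port; anything else (e.g. a second colon) is rejected.
    const parts = value.split(":");
    if (parts.length > 2 || (parts.length === 2 && !/^\d{1,5}$/.test(parts[1]))) return null;
    host = parts[0];
  }
  host = host.toLowerCase().replace(/\.$/, ""); // case-fold, strip trailing dot
  return host === "" ? null : host;
}

// True only when the normalised host is on the allowlist.
function isAllowedHost(raw, allowlist = ALLOWED_HOSTS) {
  const host = normalizeHost(raw);
  return host !== null && allowlist.has(host);
}

// Hypothetical Node-style wrapper: answer 400 and never hand the request on,
// so neither the page nor a prerendered error page is rendered for it.
function hostGuard(req, res, next) {
  if (!isAllowedHost(req.headers.host)) {
    res.writeHead(400, { "content-type": "text/plain" });
    res.end("Bad Request: unrecognised Host header\n");
    return;
  }
  next();
}
```

Because the vulnerable fetch happens while the error page is rendered, the check belongs ahead of the application (at the reverse proxy or in the server wrapper), so a request carrying an unexpected Host never reaches the rendering path.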