DepKeep

OSS Support Hub / Web Framework

Node.js Web Framework NOASSERTION Latest: v3.0.260429-beta

Nitro

Universal server engine powering Nuxt — runs anywhere

npmGitHub
Health Metrics

Project Health at a Glance

Live data from GitHub and npm, updated daily.

10.8K
GitHub Stars
📦
v3.0.260429-beta
Latest Release · 17 days ago
🔄
19d
Avg. Release Cadence
🐛
564
Open Issues
📅
3 days ago
Last Commit
⬇️
1.5M
Weekly Downloads
🔒
2
Active CVEs

Data last fetched: 2026-05-16

Security

Known Vulnerabilities

2 active CVEs reported via OSV.dev

GHSA-5w89-w975-hf9q CVSS_V3

Nitro has a proxy scope bypass via percent-encoded path traversal in `routeRules`

Published: 2026-05-06 Fixed in: 3.0.260429-beta
GHSA-9phm-9p8f-hw5m CVSS_V4

Nitro has an Open Redirect via Protocol-Relative URL Bypass in Wildcard Route Rules

Published: 2026-05-06 Fixed in: 3.0.260429-beta
Ecosystem

Alternatives to Nitro

Other Web Framework projects in the Node.js ecosystem worth evaluating.

hono fastify encore
Get Help

Support Options for Nitro

Enterprise Support via DepKeep

Get SLA-backed support, security patches, and direct access to senior engineers for Nitro — without relying on volunteer maintainers.

Talk to an Expert →

Community Channels

GitHub Discussions →Discord →