Every CVE whose affected-product data names Fastify Reply-from, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2026-33805 — CVSS 8.6 (high): @fastify/reply-from v12.6.1 and earlier and @fastify/http-proxy v11.4.3 and earlier process the client's Connection header after the proxy…
CVE-2025-66415 — CVSS 5.4 (medium): fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. Prior to 12.5.0, by crafting a malicious URL…
CVE-2023-51701 — CVSS 5.3 (medium): fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. A reverse proxy server built with…