Security

Report a vulnerability

SECURITY.md

Security Policy

Reporting a Vulnerability

Please report security issues to support@nestjs.com.

@nestjs/devtools-integration: CSRF to Sandbox Escape Allows for RCE against JS Developers
GHSA-85cg-cmq5-qjm7 published Aug 1, 2025 by kamilmysliwiec

Critical

Learn more about advisories related to nestjs/nest in the GitHub Advisory Database