Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2026-0601
CVE-2026-0601
A reflected cross-site scripting vulnerability exists in Nexus Repository 3 that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser through a specially crafted request requiring user interaction.
Published Jan 5, 2026
https://support.sonatype.com/hc/en-us/articles/47934334375955-CVE-2026-0601-Nexus-Repository-3-Cross-Site-Scripting-2026-01-13
CVSS Score
Medium
5.1
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
maven
org.sonatype.nexus/nexus-extdirect
3.82.0-08
maven
org.sonatype.nexus/nexus-extdirect
3.82.1-08
maven
org.sonatype.nexus/nexus-extdirect
3.83.0-08
maven
org.sonatype.nexus/nexus-extdirect
3.83.1-03
maven
org.sonatype.nexus/nexus-extdirect
3.83.2-01
maven
org.sonatype.nexus/nexus-extdirect
3.84.0-03
maven
org.sonatype.nexus/nexus-extdirect
3.84.1-01
maven
org.sonatype.nexus/nexus-extdirect
3.84.2-01
maven
org.sonatype.nexus/nexus-extdirect
3.85.0-03
maven
org.sonatype.nexus/nexus-extdirect
3.85.1-01
maven
org.sonatype.nexus/nexus-extdirect
3.86.0-08
maven
org.sonatype.nexus/nexus-extdirect
3.86.2-01
maven
org.sonatype.nexus/nexus-extdirect
3.86.3-01
maven
org.sonatype.nexus/nexus-extdirect
3.87.0-03
maven
org.sonatype.nexus/nexus-extdirect
3.87.1-01
maven
org.sonatype.nexus/nexus-extdirect
3.87.2-01
maven
org.sonatype.nexus/nexus-repository-core
3.82.0-08
maven
org.sonatype.nexus/nexus-repository-core
3.82.1-08
maven
org.sonatype.nexus/nexus-repository-core
3.83.0-08
maven
org.sonatype.nexus/nexus-repository-core
3.83.1-03
maven
org.sonatype.nexus/nexus-repository-core
3.83.2-01
maven
org.sonatype.nexus/nexus-repository-core
3.84.0-03
maven
org.sonatype.nexus/nexus-repository-core
3.84.1-01
maven
org.sonatype.nexus/nexus-repository-core
3.84.2-01
maven
org.sonatype.nexus/nexus-repository-core
3.85.0-03
maven
org.sonatype.nexus/nexus-repository-core
3.85.1-01
maven
org.sonatype.nexus/nexus-repository-core
3.86.0-08
maven
org.sonatype.nexus/nexus-repository-core
3.86.2-01
maven
org.sonatype.nexus/nexus-repository-core
3.86.3-01
maven
org.sonatype.nexus/nexus-repository-core
3.87.0-03
maven
org.sonatype.nexus/nexus-repository-core
3.87.1-01
maven
org.sonatype.nexus/nexus-repository-core
3.87.2-01
1-32 of 32
CVE-2026-0601 | Components Impacted | Sonatype Guide | Sonatype Guide
