npm/@clerk/astro — 3 CVEs

CRITICAL9.1CVE-2026-41248Official Clerk JavaScript SDKs: Middleware-based route protection bypass

>= 0.0.1, < 1.5.7

HIGH8.1CVE-2026-42349Clerk has an authorization bypass when combining organization, billing, or reverification checks

>= 2.0.0, < 2.17.11

HIGH7.5CVE-2025-53548@clerk/backend Performs Insufficient Verification of Data Authenticity

>= 2.9.0, < 2.10.2

pkg:npm/@clerk/astro