A vulnerability, which was classified as critical , has been found in nestjs nest up to 11.1.23 . This issue affects the function MiddlewareConsumer.forRoutes . Performing a manipulation results in incorrect authorization. This vulnerability is cataloged as CVE-2026-54281 . It is possible to initiate the attack remotely. There is no exploit available. It is advisable to upgrade the affected component.