Astro

Clerk CVE-2026-41248: createRouteMatcher Bypass Skips Middleware Gating Across Next.js, Nuxt, and Astro

Crafted requests slip past createRouteMatcher in @clerk/nextjs, @clerk/nuxt, and @clerk/astro, bypassing middleware-level route protection. Patches landed across three major version branches per SDK on April 24.