3 matches found
BIT-NODE-MIN-2026-48931
A flaw in Node.js HTTP Agent can cause a client to accept as valid a response that is send before the client has sent the request. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...
CVE-2026-48935
A flaw in Node.js Permission API can cause a file metadata to be modified even on a path that was set as read-only with e.g. --allow-fs-read. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...
PT-2024-25530 · Cosy+ · Cosy+
Name of the Vulnerable Software and Affected Versions: Cosy+ devices versions 21.x through 21.2s9 Cosy+ devices versions 22.x through 22.1s2 Description: The issue arises from improper input sanitization when displaying logs, leading to a potential XSS attack. This is due to the improper...