CVE-2026-48619

A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

CVE-2026-48933

A flaw in Node.js WebCrypto implementation can crash the process if the input of subtle.encrypt is a multiple of 2GiB. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

nodejs24 security update

1:24.13.0-1.0.1 - Update upstream references 1:24.13.0-1 - Update to 24.13.0 1:24.11.1-2 - makefile: change package manager to RH one...

Fedora 42 : nodejs24 (2026-cc863e84da)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-cc863e84da advisory. Update to version 24.13.0. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has no...

Node.js 24.x < 24.4.1 HashDoS Vulnerability - Windows

Node.js is prone to a HashDoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js"; ifdescription...