CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

MiracleLinux 8 : nodejs:24 (AXSA:2026-189:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-189:01 advisory. nodejs: Nodejs filesystem permissions bypass CVE-2025-55132 nodejs: Nodejs denial of service CVE-2026-21637 nodejs: Nodejs denial of service...

Tenable Nessus•added 2026/02/17 12:0 a.m.•5 views

RHEL 9 : nodejs:24 (RHSA-2026:2781)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2781 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

AlmaLinux•added 2026/02/17 12:0 a.m.•6 views

Important: nodejs:24 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Nodejs filesystem permissions bypass CVE-2025-55132 nodejs: Nodejs denial of service CVE-2026-21637 nodejs: Nodejs denial of service...

9.1CVSS5.6AI score0.01056EPSS

Tenable Nessus•added 2026/02/17 12:0 a.m.•5 views

MiracleLinux 8 : nodejs:20 (AXSA:2026-187:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-187:01 advisory. nodejs: Nodejs filesystem permissions bypass CVE-2025-55132 nodejs: Nodejs denial of service CVE-2026-21637 nodejs: Nodejs denial of service...

OSV•added 2026/02/17 12:0 a.m.•5 views

ALSA-2026:2782 Important: nodejs:22 security update

9.1CVSS5.9AI score0.01056EPSS

AlmaLinux•added 2026/02/17 12:0 a.m.•6 views

Important: nodejs:20 security update

9.1CVSS5.6AI score0.01056EPSS

AlmaLinux•added 2026/02/17 12:0 a.m.•5 views

Important: nodejs:22 security update

9.1CVSS5.6AI score0.01056EPSS

Tenable Nessus•added 2026/02/17 12:0 a.m.•4 views

RHEL 9 : nodejs:20 (RHSA-2026:2768)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2768 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

9.1CVSS5.7AI score0.00978EPSS

Exploits2References8

Oracle Linux 9 : nodejs:24 (ELSA-2026-2781)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2781 advisory. nodejs 1:24.13.0-1 - Update to version 24.13.0 nodejs-nodemon 3.0.3-3 - Keep BR on just npm 3.0.3-2 - Fix BR for nodejs-npm nodejs-packaging 2021.06-6 ...

Oracle linux•added 2026/02/17 12:0 a.m.•13 views

nodejs:24 security update

nodejs 1:24.13.0-1 - Update to version 24.13.0 nodejs-nodemon 3.0.3-3 - Keep BR on just npm 3.0.3-2 - Fix BR for nodejs-npm nodejs-packaging 2021.06-6 - Properly handle @group/package deps in nodejs-symlink-deps Resolves: RHEL-121581 2021.06-5 - nodejs.req to properly detect bundled deps...

9.1CVSS6.4AI score0.01056EPSS

Exploits2

Tenable Nessus•added 2026/02/17 12:0 a.m.•4 views

RHEL 9 : nodejs:20 (RHSA-2026:2767)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2767 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

9.1CVSS5.7AI score0.00978EPSS

Exploits2References8

RHEL 9 : nodejs:22 (RHSA-2026:2782)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2782 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

Tenable Nessus•added 2026/02/17 12:0 a.m.•4 views

MiracleLinux 8 : nodejs:22 (AXSA:2026-188:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-188:01 advisory. nodejs: Nodejs filesystem permissions bypass CVE-2025-55132 nodejs: Nodejs denial of service CVE-2026-21637 nodejs: Nodejs denial of service...

RHEL 9 : nodejs:20 (RHSA-2026:2783)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2783 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

Hacker One•added 2026/02/15 10:15 p.m.•17 views

Node.js: Incomplete fix for CVE-2026-21637: loadSNI() in _tls_wrap.js lacks try/catch leading to Remote DoS

A flaw was discovered in the Node.js TLS error handling that left SNICallback invocations unprotected against synchronous exceptions. This represented an incomplete fix of the prior CVE-2026-21637 vulnerability, where the equivalent ALPN and PSK callbacks were already addressed. The issue could...

7.5CVSS5.8AI score0.01056EPSS

Exploits0

OSV•added 2026/02/15 9:26 a.m.•3 views

OPENSUSE-SU-2026:20236-1 Security update for nodejs22

This update for nodejs22 fixes the following issues: Update to 22.22.0: - CVE-2025-55130: file system permissions bypass via crafted symlinks bsc1256569. - CVE-2025-55131: timeout-based race conditions allow for allocations that contain leftover data from previous operations and lead to exposure ...

9.1CVSS7.1AI score0.01056EPSS