SUSE SLES15 Security Update : nodejs20 (SUSE-SU-2026:1363-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1363-1 advisory. Update to version 20.20.2. - CVE-2026-21717: trivially predictable hash collisions due to flaw in V8's string hashing mechanism...

CVE-2026-21717

A flaw in V8's string hashing mechanism causes integer-like strings to be hashed to their numeric value, making hash collisions trivially predictable. By crafting a request that causes many such collisions in V8's internal string table, an attacker can significantly degrade performance of the...

CVE-2026-21717

CVE-2026-21717 affects multiple Node.js releases (nodejs20, nodejs22, nodejs24, nodejs25) with the root cause in V8 string hashing causing integer-like strings to hash to their numeric value, enabling hash collisions that can degrade Node.js process performance. Public details show nodejs24 is af...

CVE-2026-21717

A flaw in V8's string hashing mechanism causes integer-like strings to be hashed to their numeric value, making hash collisions trivially predictable. By crafting a request that causes many such collisions in V8's internal string table, an attacker can significantly degrade performance of the...

CVE-2026-21717

A flaw in V8's string hashing mechanism causes integer-like strings to be hashed to their numeric value, making hash collisions trivially predictable. By crafting a request that causes many such collisions in V8's internal string table, an attacker can significantly degrade performance of the...

Linux Distros Unpatched Vulnerability : CVE-2026-21717

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw in V8's string hashing mechanism causes integer-like strings to be hashed to their numeric value, making hash collisions trivially predictable. By crafti...