Lucene search
K

88 matches found

OSV
OSV
added 3 days ago5 views

BIT-NODE-MIN-2026-48933

A flaw in Node.js WebCrypto implementation can crash the process if the input of subtle.encrypt is a multiple of 2GiB. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

7.5CVSS7.1AI score0.02445EPSS
Exploits0References2
OSV
OSV
added 3 days ago4 views

BIT-NODE-2026-48933

A flaw in Node.js WebCrypto implementation can crash the process if the input of subtle.encrypt is a multiple of 2GiB. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

7.5CVSS7.1AI score0.02445EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 6 days ago7 views

CVE-2026-48933

A flaw was found in the Node.js WebCrypto implementation. A remote attacker could exploit this vulnerability by providing an input to the subtle.encrypt function that is a multiple of 2 gigabytes GiB. This could lead to a denial of service DoS by crashing the Node.js process. Mitigation Mitigatio...

7.5CVSS7AI score0.02445EPSS
Exploits0References4
OSV
OSV
added 6 days ago3 views

ALPINE-CVE-2026-48933

A flaw in Node.js WebCrypto implementation can crash the process if the input of subtle.encrypt is a multiple of 2GiB. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

7.5CVSS7.1AI score0.02445EPSS
Exploits0References1
NVD
NVD
added 6 days ago8 views

CVE-2026-48933

A flaw in Node.js WebCrypto implementation can crash the process if the input of subtle.encrypt is a multiple of 2GiB. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

7.5CVSS0.02445EPSS
Exploits0References9
Cvelist
Cvelist
added 6 days ago39 views

CVE-2026-48933

A flaw in Node.js WebCrypto implementation can crash the process if the input of subtle.encrypt is a multiple of 2GiB. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

7.5CVSS0.02445EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 6 days ago5 views

CVE-2026-48933

A flaw in Node.js WebCrypto implementation can crash the process if the input of subtle.encrypt is a multiple of 2GiB. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

7.5CVSS7.1AI score0.02445EPSS
Exploits0References1
Debian CVE
Debian CVE
added 6 days ago6 views

CVE-2026-48933

A flaw in Node.js WebCrypto implementation can crash the process if the input of subtle.encrypt is a multiple of 2GiB. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

7.5CVSS6.6AI score0.02445EPSS
Exploits0
CVE
CVE
added 6 days ago90 views

CVE-2026-48933

CVE-2026-48933 describes a vulnerability in Node.js WebCrypto where AES processing in subtle.encrypt() can crash the process when the input size is a multiple of 2 GiB. The connected SUSE advisory confirms this CVE is addressed in the nodejs24 update to 24.17.0 as part of a rollup that fixes mult...

7.5CVSS6.6AI score0.02445EPSS
Exploits0References9Affected Software1
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-39609

A flaw in Node.js WebCrypto implementation can crash the process if the input of subtle.encrypt is a multiple of 2GiB. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

7.5CVSS7.1AI score0.02445EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 6 days ago7 views

CVE-2026-48933

A flaw in Node.js WebCrypto implementation can crash the process if the input of subtle.encrypt is a multiple of 2GiB. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

7.5CVSS6.6AI score0.02445EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.11 views

Node.js 22.x < 22.23.0 / 24.x < 24.17.0 / 26.x < 26.3.1 Multiple Vulnerabilities (Thursday, June 18, 2026 Security Releases).

The version of Node.js installed on the remote host is prior to 22.23.0, 24.17.0, or 26.3.1. It is, therefore, affected by multiple vulnerabilities as referenced in the Thursday, June 18, 2026 Security Releases advisory. - A flaw in Node.js WebCrypto implementation can crash the process if the...

9.8CVSS6.3AI score0.02445EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-48933

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw in Node.js WebCrypto implementation can crash the process if the input of subtle.encrypt is a multiple of 2GiB. This vulnerability affects all supported...

7.5CVSS7.1AI score0.02445EPSS
Exploits0References4
Hacker One
Hacker One
added 2026/05/25 8:37 a.m.8 views

Node.js: Node.js WebCrypto AES Integer Overflow Leads to Remote Process Abort (DoS)

Vulnerability description not provided...

7.5CVSS5.8AI score0.02445EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 9 : nodejs-16.17.1-1.el9 (AXSA:2022-4091:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4091:01 advisory. nodejs: weak randomness in WebCrypto keygen CVE-2022-35255 nodejs: HTTP Request Smuggling due to incorrect parsing of header fields CVE-2022-35256...

9.1CVSS8.5AI score0.02587EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-16797

Malware in sbrugna...

5.3CVSS7.3AI score0.01415EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-16908

Malware in sbrugna...

9.8CVSS9AI score0.02862EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-38146

Malicious code in bioql PyPI...

9.1CVSS7.5AI score0.0187EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-0629

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00552EPSS
Exploits0References4
OSV
OSV
added 2024/12/16 2:1 p.m.15 views

BIT-NODE-MIN-2022-35255

A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with EntropySource in SecretKeyGenTraits::DoKeyGen in src/crypto/cryptokeygen.cc. There are two problems with this: 1 It does not check the return value, it assumes EntropySource always succeeds, but it can a...

9.1CVSS8.7AI score0.0187EPSS
Exploits1References5
Rows per page
Query Builder