CVE-2025-55132
The Connected documents confirm CVE-2025-55132: Node.js’ fs.futimes() can bypass the Read-Only permission model, allowing modification of file timestamps even when a process has only read access. Affected products are Node.js releases in the 20/22/24/25 lineages. Impact is potential log tampering...