3 matches found
CVE-2026-48934
A flaw in Node.js TLS host verification can cause an attacker to bypass certification validation. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...
Tuesday, July 15, 2025 Security Releases
Tuesday, July 15, 2025 Security Releases Security releases available Updates are now available for the 24.x, 22.x, 20.x Node.js release lines for the following issues. Windows Device Names CON, PRN, AUX Bypass Path Traversal Protection in path.normalize CVE-2025-27210 - high An incomplete fix has...
Wednesday, May 14, 2025 Security Releases
Wednesday, May 14, 2025 Security Releases Security releases available Updates are now available for the 24.x, 23.x, 22.x, 20.x Node.js release lines for the following issues. Improper error handling in async cryptographic operations crashes process CVE-2025-23166 - high The C++ method...