CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE-2025-54798 concerns the tmp package for Node.js. In versions 0.2.3 and earlier, it is vulnerable to arbitrary temporary file and directory writes via the symbolic link dir parameter. The issue is fixed in version 0.2.4; users should upgrade to 0.2.4 or later to mitigate. The connected IBM bul...

5.3CVSS6.5AI score0.00469EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2025/08/07 12:4 a.m.•2 views

CVE-2025-54798 tmp does not restrict arbitrary temporary file / directory write via symbolic link `dir` parameter

tmp is a temporary file and directory creator for node.js. In versions 0.2.3 and below, tmp is vulnerable to an arbitrary temporary file / directory write via symbolic link dir parameter. This is fixed in version 0.2.4...

2.5CVSS6.4AI score0.00469EPSS

Exploits1References3

Oracle linux•added 2025/07/30 12:0 a.m.•6 views

nodejs:22 security update

nodejs 1:22.16.0-2 - Patch fix for CVE-2025-6965 Resolves: RHEL-103851 nodejs-nodemon nodejs-packaging...

9.8CVSS7.4AI score0.01689EPSS

Exploits3

OSV•added 2025/07/29 1:40 p.m.•4 views

RLSA-2025:11802 Important: nodejs:22 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: sqlite: Integer Truncation in SQLite CVE-2025-6965 For more details about the security issues, including the impact, a CVSS score, acknowledgments...

7.7CVSS7.7AI score0.01689EPSS

Exploits3References2

OSV•added 2025/07/29 1:40 p.m.•4 views

RLSA-2025:7433 Important: nodejs:22 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 For more details about the...

7.3CVSS8.1AI score0.00651EPSS

Exploits0References3

Rockylinux•added 2025/07/29 1:40 p.m.•2 views

nodejs:20 security update

An update is available for module.nodejs-nodemon, module.nodejs-packaging, nodejs, nodejs-nodemon, module.nodejs, nodejs-packaging. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.5CVSS7AI score0.0056EPSS

Exploits1

OSV•added 2025/07/29 1:40 p.m.•4 views

RLSA-2025:8468 Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Remote Crash via SignTraits::DeriveBits in Node.js CVE-2025-23166 For more details about the security issues, including the impact, a CVSS...

7.5CVSS7.8AI score0.0056EPSS

Exploits1References4

OSV•added 2025/07/29 1:40 p.m.•2 views

RLSA-2025:7426 Moderate: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 For more details about the security issues, including the impact, a CVSS score,...

7CVSS7.8AI score0.00651EPSS

Exploits0References2

Rockylinux•added 2025/07/29 1:38 p.m.•1 views

nodejs:22 security update

An update is available for module.nodejs-nodemon, nodejs, nodejs-nodemon, nodejs-packaging, module.nodejs, module.nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.8CVSS7.7AI score0.00651EPSS

Exploits0

OSV•added 2025/07/29 1:38 p.m.•3 views

RLSA-2025:8514 Important: nodejs:20 security update

7.5CVSS7.8AI score0.0056EPSS

Exploits1References4

OSV•added 2025/07/29 1:38 p.m.•3 views

RLSA-2025:11803 Important: nodejs:22 security update

7.7CVSS7.7AI score0.01689EPSS

Exploits3References2

OSV•added 2025/07/29 1:38 p.m.•3 views

RLSA-2025:4459 Important: nodejs:22 security update