CVE-2025-27209

A flaw was found in nodejs. The V8 component’s rapidhash implementation introduces a HashDoS vulnerability, allowing an attacker who can control the strings being hashed to trigger excessive CPU usage by generating numerous hash collisions. This exploitation vector results in an application level...

CVE-2025-27209

The V8 release used in Node.js v24.0.0 has changed how string hashes are computed using rapidhash. This implementation re-introduces the HashDoS vulnerability as an attacker who can control the strings to be hashed can generate many hash collisions - an attacker can generate collisions even witho...

Node.js 安全漏洞

Node.js is an open source, cross-platform JavaScript runtime environment from the Node.js open source. A security vulnerability exists in Node.js version v24.x, which stems from an improper implementation of string hash computation and could lead to a hash collision attack...

PT-2025-29694 · Node.Js · Node.Js

Name of the Vulnerable Software and Affected Versions: Node.js versions 24.0.0 and later Description: The V8 release in Node.js reintroduced a HashDoS vulnerability due to changes in string hash computation using rapidhash. An attacker controlling the strings to be hashed can generate numerous ha...