Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Tenable Nessus
Tenable Nessusadded 2026/04/16 12:0 a.m.18 views

AlmaLinux 9 : nodejs:24 (ALSA-2026:7350)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:7350 advisory. nodejs: Nodejs denial of service CVE-2026-21637 brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion CVE-2026-25547...

9.8CVSS5.9AI score0.13066EPSS
Exploits1References20
OSV
OSVadded 2026/04/13 12:0 a.m.6 views

ALSA-2026:7670 Important: nodejs:24 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Nodejs denial of service CVE-2026-21637 minimatch: minimatch: Denial of Service via specially crafted glob patterns CVE-2026-26996 undici:...

9.8CVSS5.8AI score0.13066EPSS
Exploits1References36
IBM Security Bulletins
IBM Security Bulletinsadded 2026/03/31 12:19 p.m.10 views

Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed in IBM Business Automation Manager Open Editions 9.4.0 Vulnerability Details CVEID:CVE-2026-1525 DESCRIPTION: Undici allows duplicate HTTP Content-Length headers when they...

9.8CVSS7.3AI score0.00641EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessusadded 2026/01/22 12:0 a.m.4 views

Azure Linux 3.0 Security Update: nodejs (CVE-2024-24758)

The version of nodejs installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-24758 advisory. - Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici already cleared Authorization headers...

4.5CVSS7.8AI score0.00765EPSS
Exploits0References2
OSV
OSVadded 2024/09/27 11:9 a.m.3 views

OESA-2024-2174 nodejs security update

Node.js is an open-source, cross-platform, JavaScript runtime environment, it executes JavaScript code outside of a browser. Security Fixes: The team has identified a critical vulnerability in the http server of the most recent version of Node, where malformed headers can lead to HTTP request...

8.2CVSS7AI score0.87211EPSS
Exploits2References5
OSV
OSVadded 2024/02/16 10:15 p.m.2 views

AZL-35045 CVE-2024-24758 affecting package nodejs for versions less than 20.14.0-1

Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici already cleared Authorization headers on cross-origin redirects, but did not clear Proxy-Authentication headers. This issue has been patched in versions 5.28.3 and 6.6.1. Users are advised to upgrade. There are no known...

4.5CVSS6.7AI score0.00765EPSS
Exploits0References1
Rows per page
Query Builder