Node.js Multiple Vulnerabilities
Release Date: 25 Mar 2026
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities have been identified in Node.js. A remote attacker can exploit these vulnerabilities to trigger denial of service condition and security restriction bypass on the targeted system.
Impact
- Denial of Service
- Security Restriction Bypass
System / Technologies affected
- Node.js versions prior to 20.20.2 (LTS)
- Node.js versions prior to 22.22.2 (LTS)
- Node.js versions prior to 24.14.1 (LTS)
- Node.js versions prior to 25.8.2 (Current)
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Update to Node.js version 20.20.2 (LTS)
- Update to Node.js version 22.22.2 (LTS)
- Update to Node.js version 24.14.1 (LTS)
- Update to Node.js version 25.8.2 (Current)
Vulnerability Identifier
- CVE-2026-21637
- CVE-2026-21710
- CVE-2026-21711
- CVE-2026-21712
- CVE-2026-21713
- CVE-2026-21714
- CVE-2026-21715
- CVE-2026-21716
- CVE-2026-21717
沒有留言:
發佈留言