Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices.
Security Fix(es):
nodejs: Nodejs denial of service (CVE-2026-21637)
brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion (CVE-2026-25547)
minimatch: minimatch: Denial of Service via specially crafted glob patterns (CVE-2026-26996)
undici: Undici: Denial of Service due to uncontrolled resource consumption (CVE-2026-2581)
undici: Undici: HTTP header injection and request smuggling vulnerability (CVE-2026-1527)
undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression (CVE-2026-1526)
undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter (CVE-2026-2229)
undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers (CVE-2026-1525)
undici: undici: Denial of Service via crafted WebSocket frame with large length (CVE-2026-1528)
nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination (CVE-2026-27135)
Node.js: Node.js: Denial of Service via malformed Internationalized Domain Name processing (CVE-2026-21712)
Node.js: Node.js: Denial of Service due to crafted HTTP __proto__ header (CVE-2026-21710)
Node.js: Node.js: Information disclosure due to fs.realpathSync.native() bypassing filesystem read restrictions (CVE-2026-21715)
nodejs: Node.js: Permission bypass allows unauthorized modification of file permissions and ownership via incomplete security fix. (CVE-2026-21716)
Node.js: Node.js: Unauthorized inter-process communication due to missing Unix Domain Socket permission checks (CVE-2026-21711)
Node.js: Node.js: Information...
1:24.14.1-2.el10_1Exploitability
AV:NAC:LPR:NUI:NScope
S:UImpact
C:NI:NA:HCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H