Nodejs Node vulnerabilities
102 known vulnerabilities affecting nodejs/node.
Total CVEs
102
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL10HIGH48MEDIUM35LOW9
Vulnerabilities
Page 6 of 6
CVE-2024-22018P4LOWCVSS 2.9≥ 4.0, < 4.*≥ 5.0, < 5.*+16 more2024-07-10
CVE-2024-22018 [LOW] CVE-2024-22018: A vulnerability has been identified in Node.js, affecting users of the experimental permission model
A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-read flag is used.
This flaw arises from an inadequate permission model that fails to restrict file stats through the fs.lstat API. As a result, malicious actors can retrieve stats from files that they do not have explicit read access to.
Th
nvd
CVE-2026-48617P4LOWCVSS 1.8≥ 22.22.3, ≤ 22.22.3≥ 24.16.0, ≤ 24.16.0+1 more2026-06-18
CVE-2026-48617 [LOW] CWE-284 CVE-2026-48617: A flaw in Node.js Permission Model enforcement allows Bypass via `process.report.writeReport()` Path
A flaw in Node.js Permission Model enforcement allows Bypass via `process.report.writeReport()` Path Misvalidation. This can lead to confidentiality impact or bypass of the intended security boundary under affected configurations. This vulnerability affects all supported release lines: **Node.js 22**, **Node.js 24**, and **Node.js 26**.
nvd
← Previous6 / 6