Node.js Blog: Vulnerability Reports

Node.js Blog: Vulnerability Reports https://nodejs-kamg1fi6t-openjs.vercel.app/en Mon, 01 Jun 2026 07:37:19 GMT https://validator.w3.org/feed/docs/rss2.html https://github.com/jpmonette/feed en <![CDATA[Developing a minimally HashDoS resistant, yet quickly reversible integer hash for V8]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/march-2026-hashdos /blog/vulnerability/march-2026-hashdos?1774385400000 Tue, 24 Mar 2026 20:50:00 GMT <![CDATA[Tuesday, March 24, 2026 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/march-2026-security-releases /blog/vulnerability/march-2026-security-releases?1774321200000 Tue, 24 Mar 2026 03:00:00 GMT <![CDATA[OpenSSL Security Advisory Assessment, January 2026]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/openssl-fixes-in-regular-releases-jan2026 /blog/vulnerability/openssl-fixes-in-regular-releases-jan2026?1769619600000 Wed, 28 Jan 2026 17:00:00 GMT <![CDATA[Mitigating Denial-of-Service Vulnerability from Unrecoverable Stack Space Exhaustion for React, Next.js, and APM Users]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/january-2026-dos-mitigation-async-hooks /blog/vulnerability/january-2026-dos-mitigation-async-hooks?1768323600000 Tue, 13 Jan 2026 17:00:00 GMT <![CDATA[Tuesday, January 13, 2026 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/december-2025-security-releases /blog/vulnerability/december-2025-security-releases?1768262400000 Tue, 13 Jan 2026 00:00:00 GMT <![CDATA[Tuesday, July 15, 2025 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/july-2025-security-releases /blog/vulnerability/july-2025-security-releases?1752537600000 Tue, 15 Jul 2025 00:00:00 GMT <![CDATA[Wednesday, May 14, 2025 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/may-2025-security-releases /blog/vulnerability/may-2025-security-releases?1747191600000 Wed, 14 May 2025 03:00:00 GMT <![CDATA[Node.js Test CI Security Incident]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/march-2025-ci-incident /blog/vulnerability/march-2025-ci-incident?1745425800617 Wed, 23 Apr 2025 16:30:00 GMT <![CDATA[Updates on CVE for End-of-Life Versions]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/updates-cve-for-end-of-life /blog/vulnerability/updates-cve-for-end-of-life Fri, 07 Mar 2025 16:00:00 GMT <![CDATA[Tuesday, January 21, 2025 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/january-2025-security-releases /blog/vulnerability/january-2025-security-releases Tue, 21 Jan 2025 03:00:00 GMT <![CDATA[Upcoming CVE for End-of-Life Node.js Versions]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/upcoming-cve-for-eol-versions /blog/vulnerability/upcoming-cve-for-eol-versions Mon, 06 Jan 2025 16:00:00 GMT <![CDATA[Monday, July 8, 2024 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/july-2024-security-releases /blog/vulnerability/july-2024-security-releases Mon, 08 Jul 2024 03:00:00 GMT <![CDATA[Wednesday, April 10, 2024 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/april-2024-security-releases-2 /blog/vulnerability/april-2024-security-releases-2 Wed, 10 Apr 2024 00:00:00 GMT <![CDATA[Wednesday, April 3, 2024 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/april-2024-security-releases /blog/vulnerability/april-2024-security-releases Wed, 03 Apr 2024 03:00:00 GMT <![CDATA[Wednesday February 14 2024 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/february-2024-security-releases /blog/vulnerability/february-2024-security-releases Wed, 14 Feb 2024 15:30:00 GMT <![CDATA[OpenSSL Recent Security Patches]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/openssl-fixes-in-regular-releases-oct2023 /blog/vulnerability/openssl-fixes-in-regular-releases-oct2023 Thu, 26 Oct 2023 17:00:15 GMT <![CDATA[Friday October 13 2023 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/october-2023-security-releases /blog/vulnerability/october-2023-security-releases Fri, 13 Oct 2023 13:30:00 GMT <![CDATA[Wednesday August 9th 2023 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/august-2023-security-releases /blog/vulnerability/august-2023-security-releases Wed, 09 Aug 2023 14:30:00 GMT <![CDATA[Tuesday June 20 2023 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/june-2023-security-releases /blog/vulnerability/june-2023-security-releases Tue, 20 Jun 2023 14:30:00 GMT <![CDATA[Thursday February 16 2023 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/february-2023-security-releases /blog/vulnerability/february-2023-security-releases Thu, 16 Feb 2023 21:00:00 GMT <![CDATA[OpenSSL 3.0.7 update assessment]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/openssl-fixes-in-regular-releases-dec2022 /blog/vulnerability/openssl-fixes-in-regular-releases-dec2022 Fri, 16 Dec 2022 17:00:15 GMT <![CDATA[Nov 3 2022 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/november-2022-security-releases /blog/vulnerability/november-2022-security-releases Tue, 01 Nov 2022 21:00:00 GMT <![CDATA[OpenSSL November Security Release]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/openssl-november-2022 /blog/vulnerability/openssl-november-2022 Fri, 28 Oct 2022 19:00:01 GMT <![CDATA[OpenSSL and zlib update assessment, and Node.js Assessment workflow]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/openssl-and-zlib-vulnerability-assessment /blog/vulnerability/openssl-and-zlib-vulnerability-assessment Mon, 24 Oct 2022 20:00:15 GMT <![CDATA[September 23rd 2022 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/september-2022-security-releases /blog/vulnerability/september-2022-security-releases Thu, 15 Sep 2022 16:00:00 GMT <![CDATA[July 7th 2022 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/july-2022-security-releases /blog/vulnerability/july-2022-security-releases Thu, 07 Jul 2022 16:00:00 GMT <![CDATA[OpenSSL update assessment, and Node.js project plans]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/openssl-fixes-in-regular-releases-jun2022 /blog/vulnerability/openssl-fixes-in-regular-releases-jun2022 Tue, 21 Jun 2022 17:00:15 GMT <![CDATA[OpenSSL update assessment, and Node.js project plans]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/openssl-fixes-in-regular-releases-may2022 /blog/vulnerability/openssl-fixes-in-regular-releases-may2022 Thu, 05 May 2022 17:00:15 GMT <![CDATA[OpenSSL security releases require Node.js security releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/mar-2022-security-releases /blog/vulnerability/mar-2022-security-releases Fri, 18 Mar 2022 01:52:00 GMT <![CDATA[January 10th 2022 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/jan-2022-security-releases /blog/vulnerability/jan-2022-security-releases Tue, 11 Jan 2022 00:50:00 GMT <![CDATA[October 12th 2021 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/oct-2021-security-releases /blog/vulnerability/oct-2021-security-releases Tue, 12 Oct 2021 16:00:00 GMT <![CDATA[August 31 2021 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/aug-2021-security-releases2 /blog/vulnerability/aug-2021-security-releases2 Tue, 31 Aug 2021 16:00:00 GMT <![CDATA[August 2021 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/aug-2021-security-releases /blog/vulnerability/aug-2021-security-releases Wed, 11 Aug 2021 16:00:00 GMT <![CDATA[July 2021 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/july-2021-security-releases-2 /blog/vulnerability/july-2021-security-releases-2 Thu, 29 Jul 2021 16:00:00 GMT <![CDATA[July 2021 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/july-2021-security-releases /blog/vulnerability/july-2021-security-releases Thu, 01 Jul 2021 16:00:00 GMT <![CDATA[April 2021 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/april-2021-security-releases /blog/vulnerability/april-2021-security-releases Tue, 06 Apr 2021 20:51:00 GMT <![CDATA[February 2021 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/february-2021-security-releases /blog/vulnerability/february-2021-security-releases Tue, 23 Feb 2021 13:30:00 GMT <![CDATA[January 2021 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/january-2021-security-releases /blog/vulnerability/january-2021-security-releases Mon, 04 Jan 2021 19:30:00 GMT <![CDATA[November 2020 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/november-2020-security-releases /blog/vulnerability/november-2020-security-releases Mon, 16 Nov 2020 16:00:00 GMT <![CDATA[September 2020 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/september-2020-security-releases /blog/vulnerability/september-2020-security-releases Tue, 15 Sep 2020 21:50:00 GMT <![CDATA[June 2020 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/june-2020-security-releases /blog/vulnerability/june-2020-security-releases Tue, 02 Jun 2020 12:00:00 GMT <![CDATA[OpenSSL security releases do not require Node.js security releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/april-2020-openssl-updates /blog/vulnerability/april-2020-openssl-updates Tue, 21 Apr 2020 12:00:00 GMT <![CDATA[February 2020 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/february-2020-security-releases /blog/vulnerability/february-2020-security-releases Thu, 06 Feb 2020 12:00:00 GMT <![CDATA[December 2019 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/december-2019-security-releases /blog/vulnerability/december-2019-security-releases Wed, 18 Dec 2019 00:23:00 GMT <![CDATA[OpenSSL security releases do not require Node.js security releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/september-2019-openssl-no-updates /blog/vulnerability/september-2019-openssl-no-updates Thu, 12 Sep 2019 17:00:15 GMT <![CDATA[OpenSSL security releases may require Node.js security releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/september-2019-openssl-updates /blog/vulnerability/september-2019-openssl-updates Thu, 05 Sep 2019 15:34:35 GMT <![CDATA[August 2019 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/aug-2019-security-releases /blog/vulnerability/aug-2019-security-releases Fri, 16 Aug 2019 14:58:40 GMT <![CDATA[February 2019 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/february-2019-security-releases /blog/vulnerability/february-2019-security-releases Thu, 28 Feb 2019 12:53:26 GMT <![CDATA[November 2018 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/november-2018-security-releases /blog/vulnerability/november-2018-security-releases Wed, 28 Nov 2018 00:55:46 GMT <![CDATA[August 2018 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/august-2018-security-releases /blog/vulnerability/august-2018-security-releases Sat, 11 Aug 2018 11:07:51 GMT <![CDATA[June 2018 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/june-2018-security-releases /blog/vulnerability/june-2018-security-releases Tue, 12 Jun 2018 23:00:59 GMT <![CDATA[March 2018 Security Releases]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/march-2018-security-releases /blog/vulnerability/march-2018-security-releases Wed, 21 Mar 2018 23:49:59 GMT <![CDATA[Meltdown and Spectre - Impact On Node.js]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/jan-2018-spectre-meltdown /blog/vulnerability/jan-2018-spectre-meltdown Mon, 08 Jan 2018 17:30:00 GMT <![CDATA[Data Confidentiality/Integrity Vulnerability, December 2017]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/december-2017-security-releases /blog/vulnerability/december-2017-security-releases Fri, 08 Dec 2017 16:30:00 GMT <![CDATA[OpenSSL update, 1.0.2m]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/openssl-november-2017 /blog/vulnerability/openssl-november-2017 Mon, 30 Oct 2017 23:30:01 GMT <![CDATA[DOS security vulnerability, October 2017]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/oct-2017-dos /blog/vulnerability/oct-2017-dos Tue, 24 Oct 2017 22:00:00 GMT <![CDATA[Path validation vulnerability, September 2017]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/september-2017-path-validation /blog/vulnerability/september-2017-path-validation Fri, 29 Sep 2017 20:09:00 GMT <![CDATA[Security updates for all active release lines, July 2017]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/july-2017-security-releases /blog/vulnerability/july-2017-security-releases Tue, 11 Jul 2017 17:00:00 GMT <![CDATA[OpenSSL update, 1.0.2k]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/openssl-january-2017 /blog/vulnerability/openssl-january-2017 Fri, 27 Jan 2017 11:49:06 GMT <![CDATA[October security releases and v6 LTS "Boron" security inclusions]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/october-2016-security-releases /blog/vulnerability/october-2016-security-releases Sat, 15 Oct 2016 10:36:44 GMT <![CDATA[Security updates for all active release lines, September 2016]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/september-2016-security-releases /blog/vulnerability/september-2016-security-releases Fri, 23 Sep 2016 10:53:30 GMT <![CDATA[Security updates for all active release lines, June 2016]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/june-2016-security-releases /blog/vulnerability/june-2016-security-releases Mon, 13 Jun 2016 12:57:51 GMT <![CDATA[OpenSSL updates, 1.0.1t and 1.0.2h]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/openssl-may-2016 /blog/vulnerability/openssl-may-2016 Mon, 02 May 2016 11:16:10 GMT <![CDATA[npm security updates v2.15.1 and v3.8.3]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/npm-tokens-leak-march-2016 /blog/vulnerability/npm-tokens-leak-march-2016 Thu, 31 Mar 2016 10:41:46 GMT <![CDATA[OpenSSL updates, 1.0.2g and 1.0.1s]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/openssl-march-2016 /blog/vulnerability/openssl-march-2016 Mon, 29 Feb 2016 02:08:06 GMT <![CDATA[February 2016 Security Release Summary]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/february-2016-security-releases /blog/vulnerability/february-2016-security-releases Tue, 09 Feb 2016 17:40:00 GMT <![CDATA[OpenSSL upgrade low-severity Node.js security fixes]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/openssl-and-low-severity-fixes-jan-2016 /blog/vulnerability/openssl-and-low-severity-fixes-jan-2016 Wed, 27 Jan 2016 11:34:41 GMT <![CDATA[December Security Release Summary]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/december-2015-security-releases /blog/vulnerability/december-2015-security-releases Fri, 04 Dec 2015 03:05:00 GMT <![CDATA[December Security Release Schedule Update]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/december-2015-security-release-update /blog/vulnerability/december-2015-security-release-update Tue, 01 Dec 2015 01:13:57 GMT <![CDATA[CVE-2015-8027 Denial of Service Vulnerability / CVE-2015-6764 V8 Out-of-bounds Access Vulnerability]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/cve-2015-8027_cve-2015-6764 /blog/vulnerability/cve-2015-8027_cve-2015-6764 Wed, 25 Nov 2015 22:06:05 GMT <![CDATA[V8 Memory Corruption and Stack Overflow (fixed in Node v0.8.28 and v0.10.30)]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/v8-memory-corruption-stack-overflow /blog/vulnerability/v8-memory-corruption-stack-overflow Thu, 31 Jul 2014 19:00:00 GMT <![CDATA[OpenSSL and Breaking UTF-8 Change (fixed in Node v0.8.27 and v0.10.29)]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/openssl-and-utf8 /blog/vulnerability/openssl-and-utf8 Mon, 16 Jun 2014 15:46:10 GMT <![CDATA[DoS Vulnerability (fixed in Node v0.8.26 and v0.10.21)]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/http-server-pipeline-flood-dos /blog/vulnerability/http-server-pipeline-flood-dos Tue, 22 Oct 2013 17:42:10 GMT <![CDATA[HTTP Server Security Vulnerability: Please upgrade to 0.6.17]]> https://nodejs-kamg1fi6t-openjs.vercel.app/en/blog/vulnerability/http-server-security-vulnerability-please-upgrade-to-0-6-17 /blog/vulnerability/http-server-security-vulnerability-please-upgrade-to-0-6-17 Mon, 07 May 2012 17:02:01 GMT