Nodejs

178 tracked vulnerabilities.

CVE-2026-21637 HIGH
Nodejs Node.js < 20.20.0 - Denial of Service
Jan 20, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-21636 CRITICAL
Nodejs Node.js < 25.3.0 - Improper Access Control
Jan 20, 2026
CVSS 10.0
EPSS 0.00
CVE-2025-59466 HIGH
Node.js <24 - DoS
Jan 20, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-59465 HIGH
Nodejs Node.js < 20.20.0 - Denial of Service
Jan 20, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-59464 HIGH
Nodejs Node.js < 24.12.0 - Denial of Service
Jan 20, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-55132 MEDIUM
Node.js - Info Disclosure
Jan 20, 2026
CVSS 5.3
EPSS 0.00
CVE-2025-55130 CRITICAL
Node.js <20 - Privilege Escalation
Jan 20, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-22036 MEDIUM
Nodejs Undici < 6.23.0 - Resource Allocation Without Limits
Jan 14, 2026
CVSS 5.9
EPSS 0.00
CVE-2025-23084 MEDIUM
Nodejs Node.js < 18.20.6 - Path Traversal
Jan 28, 2025
CVSS 5.5
EPSS 0.01
CVE-2024-3566 CRITICAL
Windows - Command Injection
Apr 10, 2024
CVSS 9.8
EPSS 0.07
CVE-2024-30260 LOW
Nodejs Undici < 5.28.4 - Incorrect Authorization
Apr 04, 2024
CVSS 3.9
EPSS 0.00
CVE-2024-30261 LOW
Nodejs Undici < 5.28.4 - Improper Access Control
Apr 04, 2024
CVSS 2.6
EPSS 0.00
CVE-2024-22019 HIGH
Node.js HTTP - DoS
Feb 20, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-21896 CRITICAL
Nodejs Node.js < 20.11.1 - Path Traversal
Feb 20, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-21892 HIGH
Nodejs Node.js < 18.19.1 - Code Injection
Feb 20, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-21891 HIGH
Nodejs Node.js < 20.11.1 - Path Traversal
Feb 20, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-21890 MEDIUM
Node.js <21 - Info Disclosure
Feb 20, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-24758 LOW
Undici <5.28.2, <6.6 - Auth Bypass
Feb 16, 2024
CVSS 3.9
EPSS 0.00
CVE-2024-24750 MEDIUM
Undici <6.6.1 - Memory Corruption
Feb 16, 2024
CVSS 6.5
EPSS 0.00
CVE-2023-30590 HIGH
Node.js - Info Disclosure
Nov 28, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-30588 MEDIUM
Nodejs Node.js < 16.20.1 - Denial of Service
Nov 28, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-30585 HIGH
Node.js .msi - Info Disclosure
Nov 28, 2023
CVSS 7.5
EPSS 0.02
CVE-2023-30581 HIGH
Nodejs Node.js < 16.20.1 - Missing Authorization
Nov 23, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-39332 CRITICAL
Nodejs Node.js < 20.8.0 - Path Traversal
Oct 18, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-39331 HIGH
Nodejs Node.js < 20.8.1 - Path Traversal
Oct 18, 2023
CVSS 7.5
EPSS 0.01
Products
node.js 163 undici 13 nodejs 3
Quick Filters
Critical CVEs With Exploits In CISA KEV