Security News

Cybersecurity news aggregator

← Back to News Browse all tags

node-js

10 articles with this tag

CRITICAL
Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS
The Hacker News • Jun 10, 2026
 MEDIUM
CVE-2024-36137 A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-write flag is used. Node.js Permission Model do not operate on file descriptors, however, operations such as fs.fchown or fs.fchmod can use a "read-only" file descriptor to change the owner and permissions of a file.
Microsoft Security Response Center • May 31, 2026
 MEDIUM
[webapps] MikroORM 7.0.13 - SQL Injection
Exploit-DB • May 29, 2026
 CRITICAL
[NEU] [hoch] vm2: Schwachstelle ermöglicht Codeausführung
BSI Germany • May 11, 2026
 CRITICAL
13 new critical holes in JavaScript sandbox allow execution of arbitrary code
CSO Online • May 08, 2026
 CRITICAL
vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
The Hacker News • May 07, 2026
 HIGH
CVE-2026-21637 HackerOne: CVE-2026-21637 TLS PSK/ALPN Callback Exceptions Bypass Error Handlers
Microsoft Security Response Center • Apr 14, 2026
 MEDIUM
[NEU] [mittel] Node.js: Mehrere Schwachstellen
BSI Germany • Mar 25, 2026
 CRITICAL
[UPDATE] [hoch] Node.js: Mehrere Schwachstellen
BSI Germany • Mar 18, 2026
 HIGH
Siemens SIDIS Prime
CISA ICS Advisories • Mar 12, 2026