Node.js
Monthly
Parse Server's LDAP authentication adapter fails to properly sanitize user input in Distinguished Names and group filters, allowing authenticated attackers to inject LDAP commands and bypass group-based access controls. This vulnerability enables privilege escalation for any valid LDAP user to gain membership in restricted groups, affecting deployments that rely on LDAP group policies for authorization. Patches are available in versions 9.5.2-alpha.13 and 8.6.26.
Denial of service in file-type library versions prior to 21.3.1 allows remote attackers to hang Node.js event loops by submitting malformed ASF (WMV/WMA) files that trigger infinite loops during file type detection. Applications using file-type to analyze untrusted input are vulnerable, with a minimal 55-byte payload sufficient to stall processing. No patch is currently available for affected Node.js and File Type products.
Parse Server has a third vulnerability with missing authorization enabling unauthorized operations.
Parse Server versions prior to 9.5.2-alpha.10 and 8.6.23 allow remote attackers to bypass rate limiting protections by submitting multiple requests within a single batch request, since batch processing routes requests internally and circumvents Express middleware controls. Deployments relying on built-in rate limiting are vulnerable to abuse and denial of service attacks. A patch is available in the specified versions.
Parse Server versions prior to 9.5.2-alpha.9 and 8.6.22 fail to properly validate OAuth2 token ownership when the useridField option is not configured, allowing attackers with any valid token from the same provider to impersonate arbitrary users. This authentication bypass affects all Parse Server deployments using the generic OAuth2 adapter without the useridField setting. The vulnerability is resolved in patched versions 9.5.2-alpha.9 and 8.6.22.
Parse Server has a CVSS 10.0 access control vulnerability enabling complete bypass of all data access restrictions.
Parse Server has an incorrect authorization vulnerability enabling unauthorized data access across applications.
Parse Server versions prior to 9.5.2-alpha.6 and 8.6.19 allow authenticated users to bypass field protection checks by nesting query constraints within logical operators, enabling unauthorized extraction of protected field values. This vulnerability affects all Parse Server deployments with default protected fields, as the validation mechanism only inspects top-level query keys. A patch is available in the specified versions.
SQL injection in Sequelize prior to version 6.37.8 allows unauthenticated attackers to execute arbitrary SQL queries and extract sensitive data by manipulating JSON object keys in WHERE clause operations. The vulnerability stems from improper sanitization of cast type parameters in the _traverseJSON() function, which directly interpolates user-controlled input into CAST SQL statements. Node.js applications using affected Sequelize versions are at risk of complete database compromise.
Parse Server's Keycloak authentication adapter fails to validate the authorized party claim in access tokens, allowing tokens issued for one client application to authenticate users on another client within the same Keycloak realm. An authenticated attacker with valid credentials to any client application can exploit this to perform cross-application account takeover against Parse Server instances using Keycloak authentication in multi-client environments. A patch is available in versions 9.5.2-alpha.5 and 8.6.18.
Parse Server versions prior to 9.5.2-alpha.4 and 8.6.17 allow authenticated users to upload SVG files containing malicious JavaScript that executes in the server's origin context due to missing content security headers, enabling attackers to steal session tokens and compromise user accounts. All deployments with file upload enabled for authenticated users are vulnerable by default, as the file extension filter blocks HTML but not SVG files. A patch is available in the specified versions.
Parse Server versions prior to 9.5.2-alpha.3 and 8.6.16 fail to enforce class-level permissions on LiveQuery subscriptions, allowing unauthenticated attackers to subscribe to restricted data classes and receive real-time updates on all objects. This authorization bypass affects all deployments using LiveQuery with permission controls, exposing sensitive data to unauthorized subscribers. A patch is available in the mentioned versions.
Parse-Server versions up to 9.5.2 is affected by allocation of resources without limits or throttling (CVSS 7.5).
simple-git Node.js library has a command injection vulnerability (EPSS with patch) enabling RCE when processing untrusted git operations.
OneUptime prior to 10.0.21 has a third authorization bypass enabling low-privileged users to access admin functions.
NoSQL injection in Parse Server's password reset and email verification endpoints allows unauthenticated attackers to extract authentication tokens by injecting MongoDB query operators through the unvalidated token parameter. Affected deployments running MongoDB with these features enabled are vulnerable to email verification bypass and password reset token theft. The vulnerability is fixed in versions 8.6.14 and 9.5.2-alpha.1.
Unauthenticated attackers can crash Parse Server instances by invoking Cloud Function endpoints with prototype property names, triggering infinite recursion and process termination. Additionally, attackers can bypass validation checks using prototype pollution techniques to elicit HTTP 200 responses for non-existent functions. All Parse Server versions prior to 8.6.13 and 9.5.1-alpha.2 are affected when the Cloud Function endpoint is exposed.
Parse Server versions prior to 8.6.12 and 9.5.1-alpha.1 allow attackers to bypass the requestKeywordDenylist security control by nesting prohibited keywords within objects or arrays in request payloads, enabling injection of restricted data into applications. This logic flaw affects all Parse Server deployments since the denylist is enabled by default, and custom keyword restrictions configured by developers are equally vulnerable to the same bypassing technique. Attackers can exploit this to inject malicious content or bypass access controls on any Parse Server instance.
Specially crafted ZIP archives can escape the intended extraction directory during Node.js download and extraction in Vaadin 14.2.0 versions up to 14.14.0 is affected by path traversal.
Parse Server's LiveQuery feature is vulnerable to denial of service through malicious regex patterns that trigger catastrophic backtracking, freezing the Node.js event loop and rendering the entire server unresponsive to all clients. Attackers only require the publicly available application ID and JavaScript key to exploit this vulnerability on any Parse Server with LiveQuery enabled. Updates to versions 9.5.0-alpha.14 or 8.6.11 and later address this issue.
OneUptime monitoring platform prior to 10.0.18 allows code injection (CVSS 9.9) enabling RCE through the monitoring configuration.
node-tar is a full-featured Tar for Node.js.
Authentication bypass in Parse Server allows unauthenticated access to protected API endpoints. Parse Server is a popular open-source backend framework for mobile and web applications.
Parse Server versions 9.3.1-alpha.3 through 9.5.0-alpha.9 allow unauthenticated attackers to bypass GraphQL introspection restrictions by nesting __type queries within inline fragments, enabling unauthorized schema reconnaissance. An attacker can exploit this to enumerate available types and fields in the GraphQL API despite the graphQLPublicIntrospection control being disabled. The vulnerability affects Parse Server deployments running on Node.js and has been patched in version 9.5.0-alpha.10.
Parse Server versions prior to 8.6.9 and 9.5.0-alpha.9 fail to enforce file access control triggers on the metadata endpoint, allowing unauthenticated attackers to retrieve sensitive file metadata that should be restricted. This bypass occurs because beforeFind and afterFind triggers are not invoked when accessing file metadata, circumventing security gates intended to protect file information. Affected organizations using Parse Server without the patched versions face unauthorized disclosure of file metadata.
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. [CVSS 3.7 LOW]
Arbitrary file overwrite in node-tar before 7.5.10 lets a malicious tar archive write files outside the intended extraction directory on Windows by embedding a hardlink whose target uses a drive-relative path such as 'C:../target.txt'. The flaw triggers during ordinary tar.x() extraction, so any Node.js application that unpacks untrusted archives on Windows is exposed. Publicly available exploit code exists via the GitHub Security Advisory, though EPSS exploitation probability is very low (0.02%) and it is not listed in CISA KEV.
Cross-site request forgery (CSRF) in Ghost CMS versions 5.101.6 through 6.19.2 permits attackers to reuse one-time codes across different login sessions via the /session/verify endpoint, potentially enabling account takeover through phishing attacks. The vulnerability affects Ghost deployments on Node.js and related platforms, requiring no user authentication but relying on user interaction. A patch is available in Ghost version 6.19.3 and later.
express-rate-limit versions 8.0.0 through 8.3.0 (excluding patched versions) collapse all IPv4 client traffic into a single rate-limit bucket due to incorrect IPv6 subnet masking of IPv4-mapped addresses, allowing any client to trigger denial of service for all other IPv4 users by exhausting the shared limit. Public exploit code exists for this vulnerability, affecting Node.js applications using the vulnerable middleware versions. Organizations should upgrade to versions 8.0.2, 8.1.1, 8.2.2, or 8.3.0 immediately.
Parse Server versions prior to 8.6.7 and 9.5.0-alpha.6 expose sensitive database information through unfiltered error responses when processing malformed regex queries. An unauthenticated attacker can craft specially crafted query parameters to leak database internals including error messages, cluster details, and topology information. Patches are available for affected versions.
Improper authorization in Parse Server versions prior to 8.6.6 and 9.5.0-alpha.4 allows read-only master key holders to bypass access controls via the /loginAs endpoint and obtain valid session tokens for arbitrary users. An attacker with readOnlyMasterKey credentials can impersonate any user and gain full read and write access to their data. All Parse Server deployments utilizing readOnlyMasterKey functionality are affected, and no patch is currently available.
Parse Server versions before 8.6.5 and 9.5.0-alpha.3 allow the readOnlyMasterKey to perform write and delete operations on files, violating the intended read-only access restriction. An authenticated attacker with the readOnlyMasterKey can upload arbitrary files or delete existing files via the Files API on affected deployments. No patch is currently available for this medium-severity vulnerability that impacts organizations using Parse Server with exposed file endpoints.
Parse Server's readOnlyMasterKey incorrectly permits write operations on Cloud Hooks and Cloud Jobs despite being documented to deny mutations, allowing authenticated attackers with knowledge of the key to create, modify, and delete hooks or trigger jobs for potential data exfiltration. This vulnerability affects all Parse Server deployments using the readOnlyMasterKey option and has been patched in versions 8.6.4 and 9.4.1-alpha.3.
@hono/node-server versions prior to 1.19.10 contain an authorization bypass in static file serving due to inconsistent URL decoding between routing middleware and file resolution logic. An unauthenticated remote attacker can bypass route-based access controls by crafting requests with encoded slashes (%2F) to access protected static resources that should be restricted by middleware. Organizations running affected versions should upgrade immediately as no workaround is available.
Denial of service in SVGO versions 2.1.0-2.8.0, 3.0.0-3.3.2, and before 4.0.1 allows unauthenticated attackers to crash the Node.js process through XML entity expansion attacks, with a minimal 811-byte payload triggering heap exhaustion. Public exploit code exists for this vulnerability, and no patch is currently available. Affected users of SVGO, Node.js, and Golang implementations should restrict input sources until updates are released.
Prototype pollution in oRPC before 1.13.6. PoC and patch available.
Improper path validation in OpenClaw Gateway versions before 2026.2.14 enables authenticated administrators to achieve arbitrary code execution by manipulating hook module paths passed to dynamic imports. An attacker with configuration modification privileges can load and execute malicious local modules within the Node.js process, gaining full system compromise capabilities.
Arbitrary code execution in Ghost CMS versions 0.7.2 through 6.19.0 allows authenticated attackers with theme upload privileges to execute malicious code on the server by crafting specially designed theme files. The vulnerability affects Ghost installations running on Node.js and requires high privileges to exploit, though successful attacks compromise complete server integrity with confidentiality, integrity, and availability impact. No patch is currently available for affected versions.
Dark Reader is an accessibility browser extension that makes web pages colors dark. The dynamic dark mode feature of the extension works by analyzing the colors of web pages found in CSS style sheet files. [CVSS 3.4 LOW]
Denial of service in Multer (Express.js multipart/form-data middleware) before version 2.1.1 allows remote unauthenticated attackers to crash a Node.js application by sending specially malformed multipart requests that trigger uncontrolled recursion and stack overflow. Affecting one of the most widely used file-upload middlewares in the Node.js/Express ecosystem, the flaw carries a CVSS 4.0 base score of 8.7 with availability-only impact. There is no public exploit identified at time of analysis and the EPSS score is very low (0.06%, 18th percentile), but a vendor patch and Red Hat errata are available.
Denial of service in Multer (the Express/Node.js multipart/form-data middleware) before version 2.1.0 lets remote attackers exhaust server resources by submitting malformed multipart requests, crashing or hanging the upload-handling process. The flaw scores CVSS 4.0 8.7 with an availability-only impact and requires no authentication or user interaction; no public exploit has been identified at time of analysis and EPSS rates near-term exploitation probability very low (0.06%, 17th percentile). A vendor patch (2.1.0) is available and Red Hat has shipped errata, but no workaround exists.
Denial of service in Multer (Express.js multipart/form-data middleware) before version 2.1.0 lets remote unauthenticated attackers exhaust server resources by abruptly dropping the connection mid file-upload, leaving allocated resources unreleased. The flaw maps to CWE-772 (missing release of resource) and carries a CVSS 4.0 base score of 8.7 driven entirely by availability impact. There is no public exploit identified at time of analysis and the EPSS probability is very low (0.06%), but a fixed release (2.1.0) is available and no workarounds exist.
Host header injection in Koa's ctx.hostname API (versions prior to 2.16.4 and 3.1.2) allows remote attackers to inject arbitrary hostnames through malformed Host headers containing @ symbols, affecting applications that use this API for security-sensitive operations like URL generation, password reset links, and email verification. Public exploit code exists for this vulnerability. Applications relying on ctx.hostname for routing decisions or generating user-facing URLs are at risk of credential theft, account compromise, and phishing attacks.
Minimatch versions before 3.1.3 through 10.2.3 suffer from catastrophic backtracking in glob pattern matching when processing multiple GLOBSTAR segments, allowing attackers who control glob patterns to trigger exponential time complexity and cause denial of service. Public exploit code exists for this vulnerability, and affected Node.js applications using vulnerable Minimatch versions are at immediate risk. No patch is currently available, requiring users to upgrade to patched versions or implement input validation as a mitigation.
Improper input validation in TerriaJS-Server versions before 4.0.3 allows unauthenticated remote attackers to bypass domain allowlist restrictions and proxy requests to arbitrary domains. This vulnerability affects Node.js deployments of TerriaJS and could enable attackers to access restricted resources or perform server-side request forgery attacks. A patch is available in version 4.0.3 and later.
Weak cryptographic algorithm in Parse Server before 8.6.3/9.1.1-alpha.4 allows attackers to bypass security mechanisms. Patch available.
Additional expression evaluation exploits in n8n before 2.10.1/2.9.3/1.123.22. Fourth distinct code execution path through the expression engine. Patch available.
Path traversal in basic-ftp Node.js FTP client library before 5.2.0 allows malicious FTP servers to write files outside the intended download directory. PoC and patch available.
Authentication bypass in FUXA SCADA/HMI system 1.2.8 and prior leading to Remote Code Execution. Unauthenticated attackers can execute arbitrary code on industrial control HMI systems. EPSS 0.64% with PoC available.
Code injection in OneUptime monitoring via custom JS monitor using vm module. PoC and patch available.
Email content leakage in Lettermint Node.js SDK versions 1.5.0 and below allows local authenticated users to intercept sensitive email data when a single client instance sends multiple messages, as email properties are not properly cleared between sends. Applications using transactional email flows with reused client instances risk exposing recipient addresses and message content to unintended parties. The vulnerability has been patched in version 1.5.1.
SQL injection in Ghost CMS versions 3.24.0 through 6.19.0 allows unauthenticated attackers to read arbitrary database data. Patch available.
Path traversal in node-tar versions 7.5.7 and earlier allows local attackers to read and write arbitrary files outside the extraction directory by crafting malicious tar archives containing hardlinks that bypass extraction path validation. Public exploit code exists for this vulnerability, which affects default extraction configurations in Node.js and related Tar implementations. The vulnerability has been patched in node-tar 7.5.8.
Code inclusion from untrusted source in Slyde presentation tool 0.0.4 and below. Automatically imports plugin files. Patch available.
Arbitrary command execution in OpenClaw versions 2026.1.8 through 2026.2.13 allows attackers to execute shell commands when developers or CI systems run the update-clawtributors.ts maintenance script on repositories containing malicious commit metadata. The vulnerability stems from unsanitized interpolation of git author emails into shell commands via execSync, exploitable only by those with access to the development environment or source repository. Version 2026.2.14 patches the issue.
Command injection in systeminformation versions before 5.31.0 allows local attackers with user privileges to execute arbitrary system commands through unsanitized output parsing in the versions() function. Public exploit code exists for this vulnerability, which provides complete system compromise capabilities including information disclosure, modification, and denial of service. Upgrade to version 5.31.0 or later to remediate.
Command injection in the systeminformation Node.js library (versions prior to 5.30.8) lets attackers run arbitrary OS commands on Linux hosts through the wifiNetworks() function. While the iface argument is sanitized on the first call, the setTimeout retry path (triggered when the initial scan returns no results) re-invokes getWifiNetworkListIw() with the original unsanitized value, which reaches execSync('iwlist <iface> scan'). Any application that forwards user-controlled input to si.wifiNetworks() can be coerced into executing commands with the Node.js process privileges; publicly available exploit code exists, though EPSS risk is low (0.08%, 24th percentile) and it is not on the CISA KEV list.
farmfe/core versions up to 1.7.6 contains a vulnerability that allows attackers to surveil developers running Farm who visit their webpage and steal source code th (CVSS 6.5).
### Summary The `arrayLimit` option in qs does not enforce limits for comma-separated values when `comma: true` is enabled, allowing attackers to cause denial-of-service via memory exhaustion. [CVSS 3.7 LOW]
Prototype pollution in set-in npm package allows modification of Object prototype. PoC and patch available.
Arbitrary code execution in vscode-spell-checker prior to v4.5.4 allows attackers to execute malicious Node.js code by placing a crafted .cspell.config.js file in an untrusted workspace, since the extension fails to validate VS Code's workspace-trust state before loading configuration files. An attacker can exploit this by tricking users into opening a malicious workspace, resulting in code execution with the privileges of the extension host process.
Axios versions up to 0.30.3 is affected by improper check for unusual or exceptional conditions (CVSS 7.5).
Remote code execution in the jsonpath npm package (versions <1.2.0) allows unauthenticated attackers to execute arbitrary JavaScript code by injecting malicious JSON Path expressions. The vulnerability stems from unsafe evaluation through the static-eval module, which processes user-supplied JSON Path input without proper sanitization. All query methods (.query, .nodes, .paths, .value, .parent, .apply) are affected. While EPSS scoring indicates relatively low widespread exploitation probability (0.09%, 26th percentile), multiple vendor patches from Red Hat and SUSE confirm the severity, and publicly available exploit code exists (CVSS E:P). This represents critical risk for Node.js applications processing untrusted JSON Path expressions, with potential for both server-side RCE and browser-based XSS depending on execution context.
Client-certificate-auth middleware for Node.js versions 0.2.1 and 0.3.0 fails to validate the Host header when redirecting HTTP requests to HTTPS, enabling attackers to craft malicious redirects that direct users to arbitrary domains. Public exploit code exists for this open redirect vulnerability, and no patch is currently available for affected versions.
@isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service (DoS) issue caused by unbounded brace range expansion. When an attacker provides a pattern containing repeated numeric brace ranges, the library attempts to eagerly generate every possible combination synchronously. Because the expansion grows exponentially, even a small input can consume excessive CPU and memory and may crash the...
n8n has a command injection vulnerability (CVSS 9.9) allowing authenticated users to execute arbitrary OS commands through workflow definitions.
n8n workflow automation platform has an authenticated code execution vulnerability (CVSS 9.9) through improper runtime behavior modification, enabling server takeover.
n8n is an open source workflow automation platform. From version 1.65.0 to before 1.114.3, the use of Buffer.allocUnsafe() and Buffer.allocUnsafeSlow() in the task runner allowed untrusted code to allocate uninitialized memory. [CVSS 7.7 HIGH]
Fastify is a fast and low overhead web framework, for Node.js. Prior to version 5.7.3, a denial-of-service vulnerability in Fastify’s Web Streams response handling can allow a remote client to exhaust server memory. Applications that return a ReadableStream (or Response with a Web Stream body) via reply.send() are impacted. A slow or non-reading client can trigger unbounded buffering when backpressure is ignored, leading to process crashes or severe degradation. This issue has been patched in...
Fastify versions before 5.7.2 allow attackers to bypass request body validation by injecting a tab character into the Content-Type header, enabling malicious payloads to reach application logic without validation checks. This remote attack requires no authentication and affects Node.js applications using vulnerable Fastify versions. A patch is available in version 5.7.2 and later.
jsPDF versions prior to 4.1.0 contain a race condition in the addJS method where a shared module-scoped variable is overwritten during concurrent PDF generation, causing JavaScript payloads and embedded data intended for one user to be included in another user's generated PDF. This cross-user data leakage primarily affects server-side Node.js deployments handling simultaneous requests, allowing attackers to access sensitive information leaked across user sessions. Public exploit code exists for this vulnerability.
Arbitrary Python code execution in Backstage's @backstage/plugin-techdocs-node (versions < 1.13.11 and = 1.14.0) lets a contributor who can add or edit a repository's mkdocs.yml inject a malicious MkDocs `hooks` directive that runs on the TechDocs build server whenever TechDocs is configured with `runIn: local`. The flaw also affects documentation built in CI/CD via @techdocs/cli, which bundles the same package. EPSS is very low (0.02%, 6th percentile) and there is no public exploit identified at time of analysis, but the CVSS of 8.8 reflects full host compromise of the build environment.
Backstage TechDocs plugin versions prior to 1.13.11 and 1.14.1 contain a path traversal vulnerability that allows authenticated attackers to read arbitrary files from the host filesystem when the local generator is enabled. The vulnerability stems from insufficient symlink validation during the documentation build process, enabling attackers to embed sensitive file contents into generated HTML accessible to documentation viewers. Organizations using `techdocs.generator.runIn: local` with untrusted documentation sources are at risk until patching to the fixed versions.
Deephas versions up to 1.0.7 is affected by improperly controlled modification of object prototype attributes (prototype pollution) (CVSS 8.8).
The Node.js package browserstack-local 1.5.8 contains a command injection vulnerability. This occurs because the logfile variable is not properly sanitized in lib/Local.js. [CVSS 7.8 HIGH]
node-tar before version 7.5.7 contains a path traversal vulnerability where inconsistent path resolution between validation and execution logic allows attackers to bypass security checks and create hardlinks to arbitrary files outside the intended extraction directory. Public exploit code exists for this vulnerability, affecting Node.js applications that process untrusted TAR archives. An attacker can craft a malicious TAR file to write to sensitive locations on the system.
Bun versions prior to 1.3.5 allow attackers to bypass the trusted dependencies allowlist by creating non-npm packages with names matching legitimate packages, enabling potential code execution through dependency confusion attacks. This local vulnerability affects systems using Bun's package management where an attacker can craft malicious packages with identical names to trusted dependencies. No patch is currently available for affected Node.js and GitHub integrations.
pnpm versions before 10.28.2 fail to validate the `directories.bin` field during package processing, allowing malicious packages to use path traversal (e.g., `../../../../tmp`) to escape the package root and chmod 755 files at arbitrary locations on Unix-like systems. Public exploit code exists for this vulnerability. The issue affects Linux, macOS, and Node.js environments but not Windows due to platform-specific protections.
pnpm versions prior to 10.28.2 fail to properly constrain symlink resolution when installing file: and git: dependencies, allowing malicious packages to copy sensitive files from the host system into node_modules and leak credentials. This affects developers using local file dependencies and CI/CD pipelines installing git-based packages, with public exploit code available. The vulnerability enables theft of credentials from locations like ~/.ssh/id_rsa and ~/.npmrc by exploiting symlinks to absolute paths outside the package root.
Pnpm versions up to 10.28.1 contains a vulnerability that allows attackers to overwriting config files, scripts, or other sensitive files (CVSS 6.5).
Path traversal in pnpm's tarball extraction on Windows allows attackers to write files outside the intended package directory by exploiting incomplete path normalization that fails to block backslash-based traversal sequences. Public exploit code exists for this vulnerability, which affects Windows developers and CI/CD pipelines (GitHub Actions, Azure DevOps) and could result in overwriting sensitive configuration files like .npmrc or build configurations. A patch is available in pnpm version 10.28.1 and later.
Path traversal in pnpm's binary fetcher (versions prior to 10.28.1) allows attackers to write files outside the intended extraction directory through malicious ZIP entries or crafted prefix values, potentially overwriting critical configuration files and scripts on affected systems. All pnpm users installing packages with binary assets are vulnerable, particularly those in CI/CD pipelines or with custom Node.js binary configurations. Public exploit code exists for this medium-severity vulnerability.
Sandbox escape in vm2 Node.js sandbox before 3.10.2 via Promise.prototype.then/catch callback sanitization bypass. PoC and patch available.
A denial of service vulnerability exists in Next.js versions with Partial Prerendering (PPR) enabled when running in minimal mode. The PPR resume endpoint accepts unauthenticated POST requests with the `Next-Resume: 1` header and processes attacker-controlled postponed state data. [CVSS 5.9 MEDIUM]
Openfire 4.6.0 contains a stored cross-site scripting vulnerability in the nodejs plugin that allows attackers to inject malicious scripts through the 'path' parameter. [CVSS 6.4 MEDIUM]
npm cli contains an insecure module loading mechanism that enables local privilege escalation on Node.js installations. An attacker with low-privileged code execution can exploit this flaw to gain elevated privileges and execute arbitrary code with target user permissions. No patch is currently available for this vulnerability.
Node.js TLS servers using PSK or ALPN callbacks are vulnerable to denial of service when these callbacks throw unhandled synchronous exceptions during the TLS handshake. Remote attackers can exploit this by sending specially crafted TLS handshake requests to trigger resource exhaustion or process crashes, either through immediate termination or silent file descriptor leaks. No patch is currently available for this vulnerability.
Node.js has a CVSS 10.0 permission model bypass that allows Unix Domain Socket connections to completely bypass network restrictions when --allow-net is configured.
We have identified a bug in Node.js error handling where "Maximum call stack size exceeded" errors become uncatchable when `async_hooks.createHook()` is enabled. Instead of reaching `process.on('uncaughtException')`, the process terminates, making the crash unrecoverable. [CVSS 7.5 HIGH]
A malformed `HTTP/2 HEADERS` frame with oversized, invalid `HPACK` data can cause Node.js to crash by triggering an unhandled `TLSSocket` error `ECONNRESET`. Instead of safely closing the connection, the process crashes, enabling a remote denial of service. [CVSS 7.5 HIGH]
Parse Server's LDAP authentication adapter fails to properly sanitize user input in Distinguished Names and group filters, allowing authenticated attackers to inject LDAP commands and bypass group-based access controls. This vulnerability enables privilege escalation for any valid LDAP user to gain membership in restricted groups, affecting deployments that rely on LDAP group policies for authorization. Patches are available in versions 9.5.2-alpha.13 and 8.6.26.
Denial of service in file-type library versions prior to 21.3.1 allows remote attackers to hang Node.js event loops by submitting malformed ASF (WMV/WMA) files that trigger infinite loops during file type detection. Applications using file-type to analyze untrusted input are vulnerable, with a minimal 55-byte payload sufficient to stall processing. No patch is currently available for affected Node.js and File Type products.
Parse Server has a third vulnerability with missing authorization enabling unauthorized operations.
Parse Server versions prior to 9.5.2-alpha.10 and 8.6.23 allow remote attackers to bypass rate limiting protections by submitting multiple requests within a single batch request, since batch processing routes requests internally and circumvents Express middleware controls. Deployments relying on built-in rate limiting are vulnerable to abuse and denial of service attacks. A patch is available in the specified versions.
Parse Server versions prior to 9.5.2-alpha.9 and 8.6.22 fail to properly validate OAuth2 token ownership when the useridField option is not configured, allowing attackers with any valid token from the same provider to impersonate arbitrary users. This authentication bypass affects all Parse Server deployments using the generic OAuth2 adapter without the useridField setting. The vulnerability is resolved in patched versions 9.5.2-alpha.9 and 8.6.22.
Parse Server has a CVSS 10.0 access control vulnerability enabling complete bypass of all data access restrictions.
Parse Server has an incorrect authorization vulnerability enabling unauthorized data access across applications.
Parse Server versions prior to 9.5.2-alpha.6 and 8.6.19 allow authenticated users to bypass field protection checks by nesting query constraints within logical operators, enabling unauthorized extraction of protected field values. This vulnerability affects all Parse Server deployments with default protected fields, as the validation mechanism only inspects top-level query keys. A patch is available in the specified versions.
SQL injection in Sequelize prior to version 6.37.8 allows unauthenticated attackers to execute arbitrary SQL queries and extract sensitive data by manipulating JSON object keys in WHERE clause operations. The vulnerability stems from improper sanitization of cast type parameters in the _traverseJSON() function, which directly interpolates user-controlled input into CAST SQL statements. Node.js applications using affected Sequelize versions are at risk of complete database compromise.
Parse Server's Keycloak authentication adapter fails to validate the authorized party claim in access tokens, allowing tokens issued for one client application to authenticate users on another client within the same Keycloak realm. An authenticated attacker with valid credentials to any client application can exploit this to perform cross-application account takeover against Parse Server instances using Keycloak authentication in multi-client environments. A patch is available in versions 9.5.2-alpha.5 and 8.6.18.
Parse Server versions prior to 9.5.2-alpha.4 and 8.6.17 allow authenticated users to upload SVG files containing malicious JavaScript that executes in the server's origin context due to missing content security headers, enabling attackers to steal session tokens and compromise user accounts. All deployments with file upload enabled for authenticated users are vulnerable by default, as the file extension filter blocks HTML but not SVG files. A patch is available in the specified versions.
Parse Server versions prior to 9.5.2-alpha.3 and 8.6.16 fail to enforce class-level permissions on LiveQuery subscriptions, allowing unauthenticated attackers to subscribe to restricted data classes and receive real-time updates on all objects. This authorization bypass affects all deployments using LiveQuery with permission controls, exposing sensitive data to unauthorized subscribers. A patch is available in the mentioned versions.
Parse-Server versions up to 9.5.2 is affected by allocation of resources without limits or throttling (CVSS 7.5).
simple-git Node.js library has a command injection vulnerability (EPSS with patch) enabling RCE when processing untrusted git operations.
OneUptime prior to 10.0.21 has a third authorization bypass enabling low-privileged users to access admin functions.
NoSQL injection in Parse Server's password reset and email verification endpoints allows unauthenticated attackers to extract authentication tokens by injecting MongoDB query operators through the unvalidated token parameter. Affected deployments running MongoDB with these features enabled are vulnerable to email verification bypass and password reset token theft. The vulnerability is fixed in versions 8.6.14 and 9.5.2-alpha.1.
Unauthenticated attackers can crash Parse Server instances by invoking Cloud Function endpoints with prototype property names, triggering infinite recursion and process termination. Additionally, attackers can bypass validation checks using prototype pollution techniques to elicit HTTP 200 responses for non-existent functions. All Parse Server versions prior to 8.6.13 and 9.5.1-alpha.2 are affected when the Cloud Function endpoint is exposed.
Parse Server versions prior to 8.6.12 and 9.5.1-alpha.1 allow attackers to bypass the requestKeywordDenylist security control by nesting prohibited keywords within objects or arrays in request payloads, enabling injection of restricted data into applications. This logic flaw affects all Parse Server deployments since the denylist is enabled by default, and custom keyword restrictions configured by developers are equally vulnerable to the same bypassing technique. Attackers can exploit this to inject malicious content or bypass access controls on any Parse Server instance.
Specially crafted ZIP archives can escape the intended extraction directory during Node.js download and extraction in Vaadin 14.2.0 versions up to 14.14.0 is affected by path traversal.
Parse Server's LiveQuery feature is vulnerable to denial of service through malicious regex patterns that trigger catastrophic backtracking, freezing the Node.js event loop and rendering the entire server unresponsive to all clients. Attackers only require the publicly available application ID and JavaScript key to exploit this vulnerability on any Parse Server with LiveQuery enabled. Updates to versions 9.5.0-alpha.14 or 8.6.11 and later address this issue.
OneUptime monitoring platform prior to 10.0.18 allows code injection (CVSS 9.9) enabling RCE through the monitoring configuration.
node-tar is a full-featured Tar for Node.js.
Authentication bypass in Parse Server allows unauthenticated access to protected API endpoints. Parse Server is a popular open-source backend framework for mobile and web applications.
Parse Server versions 9.3.1-alpha.3 through 9.5.0-alpha.9 allow unauthenticated attackers to bypass GraphQL introspection restrictions by nesting __type queries within inline fragments, enabling unauthorized schema reconnaissance. An attacker can exploit this to enumerate available types and fields in the GraphQL API despite the graphQLPublicIntrospection control being disabled. The vulnerability affects Parse Server deployments running on Node.js and has been patched in version 9.5.0-alpha.10.
Parse Server versions prior to 8.6.9 and 9.5.0-alpha.9 fail to enforce file access control triggers on the metadata endpoint, allowing unauthenticated attackers to retrieve sensitive file metadata that should be restricted. This bypass occurs because beforeFind and afterFind triggers are not invoked when accessing file metadata, circumventing security gates intended to protect file information. Affected organizations using Parse Server without the patched versions face unauthorized disclosure of file metadata.
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. [CVSS 3.7 LOW]
Arbitrary file overwrite in node-tar before 7.5.10 lets a malicious tar archive write files outside the intended extraction directory on Windows by embedding a hardlink whose target uses a drive-relative path such as 'C:../target.txt'. The flaw triggers during ordinary tar.x() extraction, so any Node.js application that unpacks untrusted archives on Windows is exposed. Publicly available exploit code exists via the GitHub Security Advisory, though EPSS exploitation probability is very low (0.02%) and it is not listed in CISA KEV.
Cross-site request forgery (CSRF) in Ghost CMS versions 5.101.6 through 6.19.2 permits attackers to reuse one-time codes across different login sessions via the /session/verify endpoint, potentially enabling account takeover through phishing attacks. The vulnerability affects Ghost deployments on Node.js and related platforms, requiring no user authentication but relying on user interaction. A patch is available in Ghost version 6.19.3 and later.
express-rate-limit versions 8.0.0 through 8.3.0 (excluding patched versions) collapse all IPv4 client traffic into a single rate-limit bucket due to incorrect IPv6 subnet masking of IPv4-mapped addresses, allowing any client to trigger denial of service for all other IPv4 users by exhausting the shared limit. Public exploit code exists for this vulnerability, affecting Node.js applications using the vulnerable middleware versions. Organizations should upgrade to versions 8.0.2, 8.1.1, 8.2.2, or 8.3.0 immediately.
Parse Server versions prior to 8.6.7 and 9.5.0-alpha.6 expose sensitive database information through unfiltered error responses when processing malformed regex queries. An unauthenticated attacker can craft specially crafted query parameters to leak database internals including error messages, cluster details, and topology information. Patches are available for affected versions.
Improper authorization in Parse Server versions prior to 8.6.6 and 9.5.0-alpha.4 allows read-only master key holders to bypass access controls via the /loginAs endpoint and obtain valid session tokens for arbitrary users. An attacker with readOnlyMasterKey credentials can impersonate any user and gain full read and write access to their data. All Parse Server deployments utilizing readOnlyMasterKey functionality are affected, and no patch is currently available.
Parse Server versions before 8.6.5 and 9.5.0-alpha.3 allow the readOnlyMasterKey to perform write and delete operations on files, violating the intended read-only access restriction. An authenticated attacker with the readOnlyMasterKey can upload arbitrary files or delete existing files via the Files API on affected deployments. No patch is currently available for this medium-severity vulnerability that impacts organizations using Parse Server with exposed file endpoints.
Parse Server's readOnlyMasterKey incorrectly permits write operations on Cloud Hooks and Cloud Jobs despite being documented to deny mutations, allowing authenticated attackers with knowledge of the key to create, modify, and delete hooks or trigger jobs for potential data exfiltration. This vulnerability affects all Parse Server deployments using the readOnlyMasterKey option and has been patched in versions 8.6.4 and 9.4.1-alpha.3.
@hono/node-server versions prior to 1.19.10 contain an authorization bypass in static file serving due to inconsistent URL decoding between routing middleware and file resolution logic. An unauthenticated remote attacker can bypass route-based access controls by crafting requests with encoded slashes (%2F) to access protected static resources that should be restricted by middleware. Organizations running affected versions should upgrade immediately as no workaround is available.
Denial of service in SVGO versions 2.1.0-2.8.0, 3.0.0-3.3.2, and before 4.0.1 allows unauthenticated attackers to crash the Node.js process through XML entity expansion attacks, with a minimal 811-byte payload triggering heap exhaustion. Public exploit code exists for this vulnerability, and no patch is currently available. Affected users of SVGO, Node.js, and Golang implementations should restrict input sources until updates are released.
Prototype pollution in oRPC before 1.13.6. PoC and patch available.
Improper path validation in OpenClaw Gateway versions before 2026.2.14 enables authenticated administrators to achieve arbitrary code execution by manipulating hook module paths passed to dynamic imports. An attacker with configuration modification privileges can load and execute malicious local modules within the Node.js process, gaining full system compromise capabilities.
Arbitrary code execution in Ghost CMS versions 0.7.2 through 6.19.0 allows authenticated attackers with theme upload privileges to execute malicious code on the server by crafting specially designed theme files. The vulnerability affects Ghost installations running on Node.js and requires high privileges to exploit, though successful attacks compromise complete server integrity with confidentiality, integrity, and availability impact. No patch is currently available for affected versions.
Dark Reader is an accessibility browser extension that makes web pages colors dark. The dynamic dark mode feature of the extension works by analyzing the colors of web pages found in CSS style sheet files. [CVSS 3.4 LOW]
Denial of service in Multer (Express.js multipart/form-data middleware) before version 2.1.1 allows remote unauthenticated attackers to crash a Node.js application by sending specially malformed multipart requests that trigger uncontrolled recursion and stack overflow. Affecting one of the most widely used file-upload middlewares in the Node.js/Express ecosystem, the flaw carries a CVSS 4.0 base score of 8.7 with availability-only impact. There is no public exploit identified at time of analysis and the EPSS score is very low (0.06%, 18th percentile), but a vendor patch and Red Hat errata are available.
Denial of service in Multer (the Express/Node.js multipart/form-data middleware) before version 2.1.0 lets remote attackers exhaust server resources by submitting malformed multipart requests, crashing or hanging the upload-handling process. The flaw scores CVSS 4.0 8.7 with an availability-only impact and requires no authentication or user interaction; no public exploit has been identified at time of analysis and EPSS rates near-term exploitation probability very low (0.06%, 17th percentile). A vendor patch (2.1.0) is available and Red Hat has shipped errata, but no workaround exists.
Denial of service in Multer (Express.js multipart/form-data middleware) before version 2.1.0 lets remote unauthenticated attackers exhaust server resources by abruptly dropping the connection mid file-upload, leaving allocated resources unreleased. The flaw maps to CWE-772 (missing release of resource) and carries a CVSS 4.0 base score of 8.7 driven entirely by availability impact. There is no public exploit identified at time of analysis and the EPSS probability is very low (0.06%), but a fixed release (2.1.0) is available and no workarounds exist.
Host header injection in Koa's ctx.hostname API (versions prior to 2.16.4 and 3.1.2) allows remote attackers to inject arbitrary hostnames through malformed Host headers containing @ symbols, affecting applications that use this API for security-sensitive operations like URL generation, password reset links, and email verification. Public exploit code exists for this vulnerability. Applications relying on ctx.hostname for routing decisions or generating user-facing URLs are at risk of credential theft, account compromise, and phishing attacks.
Minimatch versions before 3.1.3 through 10.2.3 suffer from catastrophic backtracking in glob pattern matching when processing multiple GLOBSTAR segments, allowing attackers who control glob patterns to trigger exponential time complexity and cause denial of service. Public exploit code exists for this vulnerability, and affected Node.js applications using vulnerable Minimatch versions are at immediate risk. No patch is currently available, requiring users to upgrade to patched versions or implement input validation as a mitigation.
Improper input validation in TerriaJS-Server versions before 4.0.3 allows unauthenticated remote attackers to bypass domain allowlist restrictions and proxy requests to arbitrary domains. This vulnerability affects Node.js deployments of TerriaJS and could enable attackers to access restricted resources or perform server-side request forgery attacks. A patch is available in version 4.0.3 and later.
Weak cryptographic algorithm in Parse Server before 8.6.3/9.1.1-alpha.4 allows attackers to bypass security mechanisms. Patch available.
Additional expression evaluation exploits in n8n before 2.10.1/2.9.3/1.123.22. Fourth distinct code execution path through the expression engine. Patch available.
Path traversal in basic-ftp Node.js FTP client library before 5.2.0 allows malicious FTP servers to write files outside the intended download directory. PoC and patch available.
Authentication bypass in FUXA SCADA/HMI system 1.2.8 and prior leading to Remote Code Execution. Unauthenticated attackers can execute arbitrary code on industrial control HMI systems. EPSS 0.64% with PoC available.
Code injection in OneUptime monitoring via custom JS monitor using vm module. PoC and patch available.
Email content leakage in Lettermint Node.js SDK versions 1.5.0 and below allows local authenticated users to intercept sensitive email data when a single client instance sends multiple messages, as email properties are not properly cleared between sends. Applications using transactional email flows with reused client instances risk exposing recipient addresses and message content to unintended parties. The vulnerability has been patched in version 1.5.1.
SQL injection in Ghost CMS versions 3.24.0 through 6.19.0 allows unauthenticated attackers to read arbitrary database data. Patch available.
Path traversal in node-tar versions 7.5.7 and earlier allows local attackers to read and write arbitrary files outside the extraction directory by crafting malicious tar archives containing hardlinks that bypass extraction path validation. Public exploit code exists for this vulnerability, which affects default extraction configurations in Node.js and related Tar implementations. The vulnerability has been patched in node-tar 7.5.8.
Code inclusion from untrusted source in Slyde presentation tool 0.0.4 and below. Automatically imports plugin files. Patch available.
Arbitrary command execution in OpenClaw versions 2026.1.8 through 2026.2.13 allows attackers to execute shell commands when developers or CI systems run the update-clawtributors.ts maintenance script on repositories containing malicious commit metadata. The vulnerability stems from unsanitized interpolation of git author emails into shell commands via execSync, exploitable only by those with access to the development environment or source repository. Version 2026.2.14 patches the issue.
Command injection in systeminformation versions before 5.31.0 allows local attackers with user privileges to execute arbitrary system commands through unsanitized output parsing in the versions() function. Public exploit code exists for this vulnerability, which provides complete system compromise capabilities including information disclosure, modification, and denial of service. Upgrade to version 5.31.0 or later to remediate.
Command injection in the systeminformation Node.js library (versions prior to 5.30.8) lets attackers run arbitrary OS commands on Linux hosts through the wifiNetworks() function. While the iface argument is sanitized on the first call, the setTimeout retry path (triggered when the initial scan returns no results) re-invokes getWifiNetworkListIw() with the original unsanitized value, which reaches execSync('iwlist <iface> scan'). Any application that forwards user-controlled input to si.wifiNetworks() can be coerced into executing commands with the Node.js process privileges; publicly available exploit code exists, though EPSS risk is low (0.08%, 24th percentile) and it is not on the CISA KEV list.
farmfe/core versions up to 1.7.6 contains a vulnerability that allows attackers to surveil developers running Farm who visit their webpage and steal source code th (CVSS 6.5).
### Summary The `arrayLimit` option in qs does not enforce limits for comma-separated values when `comma: true` is enabled, allowing attackers to cause denial-of-service via memory exhaustion. [CVSS 3.7 LOW]
Prototype pollution in set-in npm package allows modification of Object prototype. PoC and patch available.
Arbitrary code execution in vscode-spell-checker prior to v4.5.4 allows attackers to execute malicious Node.js code by placing a crafted .cspell.config.js file in an untrusted workspace, since the extension fails to validate VS Code's workspace-trust state before loading configuration files. An attacker can exploit this by tricking users into opening a malicious workspace, resulting in code execution with the privileges of the extension host process.
Axios versions up to 0.30.3 is affected by improper check for unusual or exceptional conditions (CVSS 7.5).
Remote code execution in the jsonpath npm package (versions <1.2.0) allows unauthenticated attackers to execute arbitrary JavaScript code by injecting malicious JSON Path expressions. The vulnerability stems from unsafe evaluation through the static-eval module, which processes user-supplied JSON Path input without proper sanitization. All query methods (.query, .nodes, .paths, .value, .parent, .apply) are affected. While EPSS scoring indicates relatively low widespread exploitation probability (0.09%, 26th percentile), multiple vendor patches from Red Hat and SUSE confirm the severity, and publicly available exploit code exists (CVSS E:P). This represents critical risk for Node.js applications processing untrusted JSON Path expressions, with potential for both server-side RCE and browser-based XSS depending on execution context.
Client-certificate-auth middleware for Node.js versions 0.2.1 and 0.3.0 fails to validate the Host header when redirecting HTTP requests to HTTPS, enabling attackers to craft malicious redirects that direct users to arbitrary domains. Public exploit code exists for this open redirect vulnerability, and no patch is currently available for affected versions.
@isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service (DoS) issue caused by unbounded brace range expansion. When an attacker provides a pattern containing repeated numeric brace ranges, the library attempts to eagerly generate every possible combination synchronously. Because the expansion grows exponentially, even a small input can consume excessive CPU and memory and may crash the...
n8n has a command injection vulnerability (CVSS 9.9) allowing authenticated users to execute arbitrary OS commands through workflow definitions.
n8n workflow automation platform has an authenticated code execution vulnerability (CVSS 9.9) through improper runtime behavior modification, enabling server takeover.
n8n is an open source workflow automation platform. From version 1.65.0 to before 1.114.3, the use of Buffer.allocUnsafe() and Buffer.allocUnsafeSlow() in the task runner allowed untrusted code to allocate uninitialized memory. [CVSS 7.7 HIGH]
Fastify is a fast and low overhead web framework, for Node.js. Prior to version 5.7.3, a denial-of-service vulnerability in Fastify’s Web Streams response handling can allow a remote client to exhaust server memory. Applications that return a ReadableStream (or Response with a Web Stream body) via reply.send() are impacted. A slow or non-reading client can trigger unbounded buffering when backpressure is ignored, leading to process crashes or severe degradation. This issue has been patched in...
Fastify versions before 5.7.2 allow attackers to bypass request body validation by injecting a tab character into the Content-Type header, enabling malicious payloads to reach application logic without validation checks. This remote attack requires no authentication and affects Node.js applications using vulnerable Fastify versions. A patch is available in version 5.7.2 and later.
jsPDF versions prior to 4.1.0 contain a race condition in the addJS method where a shared module-scoped variable is overwritten during concurrent PDF generation, causing JavaScript payloads and embedded data intended for one user to be included in another user's generated PDF. This cross-user data leakage primarily affects server-side Node.js deployments handling simultaneous requests, allowing attackers to access sensitive information leaked across user sessions. Public exploit code exists for this vulnerability.
Arbitrary Python code execution in Backstage's @backstage/plugin-techdocs-node (versions < 1.13.11 and = 1.14.0) lets a contributor who can add or edit a repository's mkdocs.yml inject a malicious MkDocs `hooks` directive that runs on the TechDocs build server whenever TechDocs is configured with `runIn: local`. The flaw also affects documentation built in CI/CD via @techdocs/cli, which bundles the same package. EPSS is very low (0.02%, 6th percentile) and there is no public exploit identified at time of analysis, but the CVSS of 8.8 reflects full host compromise of the build environment.
Backstage TechDocs plugin versions prior to 1.13.11 and 1.14.1 contain a path traversal vulnerability that allows authenticated attackers to read arbitrary files from the host filesystem when the local generator is enabled. The vulnerability stems from insufficient symlink validation during the documentation build process, enabling attackers to embed sensitive file contents into generated HTML accessible to documentation viewers. Organizations using `techdocs.generator.runIn: local` with untrusted documentation sources are at risk until patching to the fixed versions.
Deephas versions up to 1.0.7 is affected by improperly controlled modification of object prototype attributes (prototype pollution) (CVSS 8.8).
The Node.js package browserstack-local 1.5.8 contains a command injection vulnerability. This occurs because the logfile variable is not properly sanitized in lib/Local.js. [CVSS 7.8 HIGH]
node-tar before version 7.5.7 contains a path traversal vulnerability where inconsistent path resolution between validation and execution logic allows attackers to bypass security checks and create hardlinks to arbitrary files outside the intended extraction directory. Public exploit code exists for this vulnerability, affecting Node.js applications that process untrusted TAR archives. An attacker can craft a malicious TAR file to write to sensitive locations on the system.
Bun versions prior to 1.3.5 allow attackers to bypass the trusted dependencies allowlist by creating non-npm packages with names matching legitimate packages, enabling potential code execution through dependency confusion attacks. This local vulnerability affects systems using Bun's package management where an attacker can craft malicious packages with identical names to trusted dependencies. No patch is currently available for affected Node.js and GitHub integrations.
pnpm versions before 10.28.2 fail to validate the `directories.bin` field during package processing, allowing malicious packages to use path traversal (e.g., `../../../../tmp`) to escape the package root and chmod 755 files at arbitrary locations on Unix-like systems. Public exploit code exists for this vulnerability. The issue affects Linux, macOS, and Node.js environments but not Windows due to platform-specific protections.
pnpm versions prior to 10.28.2 fail to properly constrain symlink resolution when installing file: and git: dependencies, allowing malicious packages to copy sensitive files from the host system into node_modules and leak credentials. This affects developers using local file dependencies and CI/CD pipelines installing git-based packages, with public exploit code available. The vulnerability enables theft of credentials from locations like ~/.ssh/id_rsa and ~/.npmrc by exploiting symlinks to absolute paths outside the package root.
Pnpm versions up to 10.28.1 contains a vulnerability that allows attackers to overwriting config files, scripts, or other sensitive files (CVSS 6.5).
Path traversal in pnpm's tarball extraction on Windows allows attackers to write files outside the intended package directory by exploiting incomplete path normalization that fails to block backslash-based traversal sequences. Public exploit code exists for this vulnerability, which affects Windows developers and CI/CD pipelines (GitHub Actions, Azure DevOps) and could result in overwriting sensitive configuration files like .npmrc or build configurations. A patch is available in pnpm version 10.28.1 and later.
Path traversal in pnpm's binary fetcher (versions prior to 10.28.1) allows attackers to write files outside the intended extraction directory through malicious ZIP entries or crafted prefix values, potentially overwriting critical configuration files and scripts on affected systems. All pnpm users installing packages with binary assets are vulnerable, particularly those in CI/CD pipelines or with custom Node.js binary configurations. Public exploit code exists for this medium-severity vulnerability.
Sandbox escape in vm2 Node.js sandbox before 3.10.2 via Promise.prototype.then/catch callback sanitization bypass. PoC and patch available.
A denial of service vulnerability exists in Next.js versions with Partial Prerendering (PPR) enabled when running in minimal mode. The PPR resume endpoint accepts unauthenticated POST requests with the `Next-Resume: 1` header and processes attacker-controlled postponed state data. [CVSS 5.9 MEDIUM]
Openfire 4.6.0 contains a stored cross-site scripting vulnerability in the nodejs plugin that allows attackers to inject malicious scripts through the 'path' parameter. [CVSS 6.4 MEDIUM]
npm cli contains an insecure module loading mechanism that enables local privilege escalation on Node.js installations. An attacker with low-privileged code execution can exploit this flaw to gain elevated privileges and execute arbitrary code with target user permissions. No patch is currently available for this vulnerability.
Node.js TLS servers using PSK or ALPN callbacks are vulnerable to denial of service when these callbacks throw unhandled synchronous exceptions during the TLS handshake. Remote attackers can exploit this by sending specially crafted TLS handshake requests to trigger resource exhaustion or process crashes, either through immediate termination or silent file descriptor leaks. No patch is currently available for this vulnerability.
Node.js has a CVSS 10.0 permission model bypass that allows Unix Domain Socket connections to completely bypass network restrictions when --allow-net is configured.
We have identified a bug in Node.js error handling where "Maximum call stack size exceeded" errors become uncatchable when `async_hooks.createHook()` is enabled. Instead of reaching `process.on('uncaughtException')`, the process terminates, making the crash unrecoverable. [CVSS 7.5 HIGH]
A malformed `HTTP/2 HEADERS` frame with oversized, invalid `HPACK` data can cause Node.js to crash by triggering an unhandled `TLSSocket` error `ECONNRESET`. Instead of safely closing the connection, the process crashes, enabling a remote denial of service. [CVSS 7.5 HIGH]