Exposure of Node.js

Programming languages

96

exposure score

532,066

sites use

0

exploited

4

critical

CVEs

127 results

CVE-2025-59464MEDIUMA memory leak in Node.js’s OpenSSL integration occurs when converting `X.509` certificate fields to UTF-8 without freeing the allocated buffEPSS 0.2%CVE-2025-55132LOWA flaw in Node.js's permission model allows a file's access and modification timestamps to be changed via `futimes()` even when the process EPSS 0.2%CVE-2021-20327MEDIUMMongoDB Node.js client side field level encryption library may not be validating KMS certificateEPSS 0.2%CVE-2026-48617LOWA flaw in Node.js Permission Model enforcement allows Bypass via `process.report.writeReport()` Path Misvalidation. This can lead to confideEPSS 0.2%CVE-2026-21716LOWAn incomplete fix for CVE-2024-36137 leaves `FileHandle.chmod()` and `FileHandle.chown()` in the promises API without the required permissioEPSS 0.2%CVE-2026-21715LOWA flaw in Node.js Permission Model filesystem enforcement leaves `fs.realpathSync.native()` without the required read permission checks, whiEPSS 0.2%CVE-2026-21711MEDIUMA flaw in Node.js Permission Model network enforcement leaves Unix Domain Socket (UDS) server operations without the required permission cheEPSS 0.1%

← previouspage 7 / 7next →

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →