Known Vulnerabilities for Node by Nodejs
Listed below are 10 of the newest known vulnerabilities associated with "Node" by "Nodejs".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-56762 json | Hono before 4.12.12 does not validate cookie names on the write path in the setCookie(), serialize(), and serializeSigned() f... | Not Provided | 2026-06-23 | 2026-06-23 |
| CVE-2026-56357 json | n8n before 1.123.15 and 2.5.0 contains a webhook forgery vulnerability in the GitHub Webhook Trigger node that fails to imple... | Not Provided | 2026-06-22 | 2026-06-23 |
| CVE-2026-56348 json | n8n before 2.20.0 contains a credential exfiltration vulnerability in the POST /rest/dynamic-node-parameters/options endpoint... | Not Provided | 2026-06-22 | 2026-06-23 |
| CVE-2026-56301 json | Nuxt 4.0.0 before 4.4.7 and 3.18.0 before 3.21.7, when running the development server (nuxt dev) on Linux, binds the vite-nod... | Not Provided | 2026-06-23 | 2026-06-23 |
| CVE-2026-56275 json | Flowise before 3.1.0 contains a server-side request forgery vulnerability in the Execute Flow node that allows attackers to b... | Not Provided | 2026-06-23 | 2026-06-23 |
| CVE-2026-56268 json | Flowise before 3.1.2 contains an information disclosure vulnerability in the /api/v1/chatflows/apikey/:apikey endpoint. When ... | Not Provided | 2026-06-22 | 2026-06-23 |
| CVE-2026-56109 json | The Advanced Linux Sound Architecture (ALSA) library before 1.2.16.1 contains a double-free vulnerability in parse_def() in s... | Not Provided | 2026-06-22 | 2026-06-22 |
| CVE-2026-55603 json | http-proxy-middleware is node.js http-proxy middleware. From 3.0.4 until 3.0.7 and 4.1.1, fixRequestBody() is the library's d... | Not Provided | 2026-06-22 | 2026-06-23 |
| CVE-2026-55602 json | http-proxy-middleware is node.js http-proxy middleware. From 0.16.0 until 2.0.10, 3.0.6, and 4.1.0, http-proxy-middleware doc... | Not Provided | 2026-06-22 | 2026-06-23 |
| CVE-2026-55447 json | Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, by controlling a files that ar... | Not Provided | 2026-06-23 | 2026-06-23 |