CVE-2026-21712 | Node.js up to 20.20.1/22.22.1/24.14.0/25.8.1 URL node_url.cc url.format assertion

Inserito da Angelo Barbosa | Mar 30, 2026 | CVE

A vulnerability classified as problematic was found in Node.js up to 20.20.1/22.22.1/24.14.0/25.8.1. Affected is the function url.format of the file node_url.cc of the component URL Handler. The manipulation results in reachable assertion.

This vulnerability is cataloged as CVE-2026-21712. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is advised.

CVE-2026-21712 | Node.js up to 20.20.1/22.22.1/24.14.0/25.8.1 URL node_url.cc url.format assertion

Post correlati

CVE-2026-3955 | elecV2P up to 3.8.3 jsfile Endpoint wbjs.js runJSFile code injection (Issue 194)

CVE-2024-40726 | Netbox 4.0.3 Name cross site scripting

CVE-2024-10008 | Masteriyo LMS Plugin up to 1.13.3 on WordPress authorization

CVE-2023-49347 | budgie-wpreviews 2.1 temp file