CVE-2026-21713 | Node.js up to 20.20.1/22.22.1/24.14.0/25.8.1 HMAC Verification crypto_hmac.cc memcmp comparison

Inserito da Angelo Barbosa | Mar 30, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in Node.js up to 20.20.1/22.22.1/24.14.0/25.8.1. Affected by this vulnerability is the function memcmp of the file crypto_hmac.cc of the component HMAC Verification. This manipulation causes incorrect comparison.

This vulnerability is registered as CVE-2026-21713. Remote exploitation of the attack is possible. No exploit is available.

It is advisable to upgrade the affected component.

CVE-2026-21713 | Node.js up to 20.20.1/22.22.1/24.14.0/25.8.1 HMAC Verification crypto_hmac.cc memcmp comparison

Post correlati

CVE-2025-14756 | TP-Link Systems Archer MR600 5.0 Admin Interface command injection

CVE-2024-35908 | Linux Kernel up to 6.1.84/6.6.25/6.8.4 tls_sw_recvmsg memory leak

CVE-2024-44296 | Apple watchOS protection mechanism

CVE-2023-28074 | Dell BSAFE Micro Edition Suite integer overflow (dsa-2023-120)