CVE-2026-21714 | Node.js up to 20.20.1/22.22.1/24.14.0/25.8.1 HTTP/2 Server resource consumption

Inserito da Angelo Barbosa | Mar 30, 2026 | CVE

A vulnerability, which was classified as problematic, was found in Node.js up to 20.20.1/22.22.1/24.14.0/25.8.1. Affected by this issue is some unknown functionality of the component HTTP2 Server. Such manipulation leads to resource consumption.

This vulnerability is documented as CVE-2026-21714. The attack can be executed remotely. There is not any exploit available.

You should upgrade the affected component.

CVE-2026-21714 | Node.js up to 20.20.1/22.22.1/24.14.0/25.8.1 HTTP/2 Server resource consumption

Post correlati

CVE-2024-4308 | Ofofonobs HubBank 1.0.2 id sql injection

CVE-2024-41992 | Arcadyan FMIMG51AX000J Alliance Wi-Fi Test Suite command injection (VU#123336)

CVE-2024-2489 | Tenda AC18 15.03.05.05 SetNetControlList formSetQosBand list stack-based overflow

CVE-2025-10502 | Google Chrome up to 140.0.7339.127 ANGLE heap-based overflow