Nodejs 24.4.1 Security Release

Details: Last Updated: August 01, 2025

Security release!

CVE-2025-27209
CVE-2025-27210

Notable Changes

(CVE-2025-27209) HashDoS in V8 with new RapidHash algorithm
(CVE-2025-27210) Windows Device Names (CON, PRN, AUX) Bypass Path Traversal Protection in path.normalize()

Commits

[c33223f1a5] - (CVE-2025-27209) deps: V8: revert rapidhash commits (Michaël Zasso) nodejs-private/node-private#713
[56f9db2aaa] - (CVE-2025-27210) lib: handle all windows reserved driver name (RafaelGSS) nodejs-private/node-private#721

Release URL: https://github.com/Bearsampp/module-nodejs/releases/tag/2025.7.31

Our Supporters

AM Graphix

Tassos gr

Sorry, this website uses features that your browser doesn’t support. Upgrade to a newer version of Firefox, Chrome, Safari, or Edge and you’ll be all set.

Knowledge Base Chat

Hello! I'm your AI assistant. Ask me anything about our knowledge base and I'll help you find the information you need.