Node.js 25.8.2 (Current)
Rafael Gonzaga
2026-03-24, Version 25.8.2 (Current), @RafaelGSS
This is a security release.
Notable Changes
- (CVE-2026-21637) wrap
SNICallback
invocation intry
/catch
(Matteo Collina) - High - (CVE-2026-21710) use null prototype for
headersDistinct
/trailersDistinct
(Matteo Collina) - High - (CVE-2026-21711) include permission check to
pipe_wrap.cc
(RafaelGSS) - Medium - ...