Node.js ships June 18 security release — 12 CVEs across v22, v24, v26
Node.js v22.23.0, v24.17.0 and v26.3.1 fix 12 CVEs including a TLS wildcard hostname bypass (CVE-2026-48618) and a WebCrypto integer overflow DoS (CVE-2026-48933).
Node.js v22.23.0, v24.17.0 and v26.3.1 fix 12 CVEs including a TLS wildcard hostname bypass (CVE-2026-48618) and a WebCrypto integer overflow DoS (CVE-2026-48933).