CNNVD-202601-3180 Information

CNNVD ID

CNNVD-202601-3180

Related CVE

CVE-2025-59466

• CNNVD Published: 2026-01-20

Description (Chinese)

Node.js是Node.js开源的一个开源、跨平台的 JavaScript 运行时环境。 Node.js存在安全漏洞，该漏洞源于启用async_hooks.createHook时最大调用堆栈大小错误变得不可捕获，可能导致进程终止和拒绝服务崩溃。

Description (English)

Node.js is an open-source, cross-platform JavaScript running environment for Node.js. There is a security loophole in Node.js, which stems from the fact that the maximum call stack size error when enabled async books.createHook became uncapable, which could lead to process termination and denial of service collapse.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Node.js

Published

2026-01-20

Last Modified

2026-02-24

References

https://nodejs.org/en/blog/vulnerability/december-2025-security-releases https://access.redhat.com/security/cve/cve-2025-59466

Patch

https://nodejs.org/en/blog/vulnerability/december-2025-security-releases