ГлавнаяУязвимости → CVE-2026-48933
7.5высокая

CVE-2026-48933

Описание

A flaw in Node.js WebCrypto implementation can crash the process if the input of `subtle.encrypt()` is a multiple of 2GiB. This vulnerability affects all supported release lines: **Node.js 22**, **Node.js 24**, and **Node.js 26**.

Затрагиваемое ПО
Nodejs Node.js
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Источники
https://nodejs.org/en/blog/vulnerability/june-2026-security-releaseshttps://access.redhat.com/errata/RHSA-2026:28727https://access.redhat.com/errata/RHSA-2026:29012https://access.redhat.com/errata/RHSA-2026:30172https://access.redhat.com/errata/RHSA-2026:35841https://access.redhat.com/errata/RHSA-2026:35842https://access.redhat.com/errata/RHSA-2026:35891https://access.redhat.com/errata/RHSA-2026:35892