PT-2026-52062 · Openjs Foundation · Node.Js

Published

2026-06-23

·

Updated

2026-06-26

·

CVE-2026-48934

CVSS v3.1

4.3

Medium

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions Node.js versions 22.x through 26.3.0
Description A flaw in the TLS host verification process allows an attacker to bypass certification validation.
Recommendations Update Node.js to version 26.3.1 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

CVE-2026-48934
OPENSUSE-SU-2026:11110-1
OPENSUSE-SU-2026:11121-1
SUSE-SU-2026:2633-1
SUSE-SU-2026:2647-1

Affected Products

Node.Js