Nodejs security advisory (AV26-277)

Serial number: AV26-277
Date: March 25, 2026

On March 24, 2026, Nodejs published security advisories to address vulnerabilities in the following products:

• Node.js 20 – versions prior to v20.20.2 (LTS)
• Node.js 22 – versions prior to v22.22.2 (LTS)
• Node.js 24 – versions prior to v24.14.1 (LTS)
• Node.js 25 – versions prior to v25.8.2 (Current)

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• Node.js 20.20.2 (LTS)
• Node.js 22.22.2 (LTS)
• Node.js 24.14.1 (LTS)
• Node.js 25.8.2 (Current)
• Nodejs Releases